[Secure-testing-commits] r20456 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Tue Nov 6 13:40:37 UTC 2012
Author: jmm
Date: 2012-11-06 13:40:37 +0000 (Tue, 06 Nov 2012)
New Revision: 20456
Modified:
data/CVE/list
Log:
radsecproxy fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-11-06 11:11:29 UTC (rev 20455)
+++ data/CVE/list 2012-11-06 13:40:37 UTC (rev 20456)
@@ -1,5 +1,5 @@
CVE-2012-5825 (Tweepy does not verify that the server hostname matches a domain name ...)
- - tweepy <unfixed> (low)
+ - tweepy <unfixed> (low; bug #692444)
CVE-2012-5824 (Trillian 5.1.0.19 does not verify that the server hostname matches a ...)
NOT-FOR-US: Trillian
CVE-2012-5823 (Open Source Classifieds does not verify that the server hostname ...)
@@ -1842,7 +1842,7 @@
CVE-2012-4988
RESERVED
CVE-2012-4987 (Stack-based buffer overflow in RealNetworks RealPlayer 15.0.5.109 ...)
- TODO: check
+ NOT-FOR-US: RealPlayer
CVE-2012-4986
RESERVED
CVE-2012-4985
@@ -3194,7 +3194,7 @@
- letodms 3.3.9+dfsg-1
CVE-2012-4566
RESERVED
- - radsecproxy <unfixed>
+ - radsecproxy 1.6.2-1
CVE-2012-4565
RESERVED
- linux <unfixed>
@@ -3315,7 +3315,7 @@
- xlockmore <removed> (low)
CVE-2012-4523
RESERVED
- - radsecproxy <unfixed>
+ - radsecproxy 1.6.2-1
NOTE: Maintainer is aware. Upstream fix introduces a minor regression
NOTE: http://git.nordu.net/?p=radsecproxy.git;a=commitdiff;h=db965c9bf7cf4acc0830d7b689d69d40b9ecef8c
CVE-2012-4522 [ruby Unintentional file creation caused by inserting a illegal NUL character]
More information about the Secure-testing-commits
mailing list