[Secure-testing-commits] r20464 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Thu Nov 8 07:32:23 UTC 2012
Author: jmm
Date: 2012-11-08 07:32:23 +0000 (Thu, 08 Nov 2012)
New Revision: 20464
Modified:
data/CVE/list
Log:
new glance issue
new trousers issue
new axis issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-11-08 03:15:05 UTC (rev 20463)
+++ data/CVE/list 2012-11-08 07:32:23 UTC (rev 20464)
@@ -49,7 +49,7 @@
CVE-2011-5242 (tmhOAuth before 0.61 does not verify that the server hostname matches ...)
TODO: check
CVE-2011-5241 (Services_Twitter 0.6.3 does not verify that the server hostname ...)
- TODO: check
+ NOT-FOR-US: PEAR module for Twitter
CVE-2011-5240 (Magento 1.5 and 1.6.2 does not verify that the server hostname matches ...)
TODO: check
CVE-2011-5239 (CiviCRM 4.0.5 and 4.1.1 does not verify that the server hostname ...)
@@ -141,11 +141,11 @@
CVE-2012-5787 (The PayPal merchant SDK does not verify that the server hostname ...)
TODO: check
CVE-2012-5786 (The wsdl_first_https sample code in ...)
- TODO: check
+ NOT-FOR-US: Apache CXF
CVE-2012-5785 (Apache Axis2/Java 1.6.2 and earlier does not verify that the server ...)
TODO: check
CVE-2012-5784 (Apache Axis 1.4 and earlier, as used in PayPal Payments Pro, PayPal ...)
- TODO: check
+ - axis <unfixed> (bug #692650)
CVE-2012-5783 (Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments ...)
- commons-httpclient <unfixed> (bug #692442)
CVE-2012-5782 (Amazon Flexible Payments Service (FPS) PHP Library does not verify ...)
@@ -3238,6 +3238,7 @@
RESERVED
CVE-2012-4573
RESERVED
+ - glance <unfixed> (bug #692641)
CVE-2012-4572
RESERVED
CVE-2012-4571 [python-keyring: CryptedFileKeyring is insecure]
@@ -12840,6 +12841,7 @@
RESERVED
CVE-2012-0698
RESERVED
+ - trousers <unfixed> (bug #692649)
CVE-2011-5066 (The SibRaRecoverableSiXaResource class in the Default Messaging ...)
NOT-FOR-US: WebSphere
CVE-2011-5065 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Application ...)
More information about the Secure-testing-commits
mailing list