[Secure-testing-commits] r20468 - data/CVE

Fri Nov 9 14:13:05 UTC 2012

Author: jmm
Date: 2012-11-09 14:13:05 +0000 (Fri, 09 Nov 2012)
New Revision: 20468

Modified:
   data/CVE/list
Log:
glance fix was incomplete, maintainer is aware


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2012-11-08 21:14:20 UTC (rev 20467)
+++ data/CVE/list	2012-11-09 14:13:05 UTC (rev 20468)
@@ -305,7 +305,7 @@
 CVE-2012-5705 (Cross-site scripting (XSS) vulnerability in the settings page ...)
 	TODO: check
 CVE-2012-5704 (The Hotblocks module 6.x-1.x before 6.x-1.8 for Drupal allows remote ...)
-	TODO: check
+	NOT-FOR-US: Drupal addon not packaged in Debian
 CVE-2012-5703
 	RESERVED
 CVE-2012-5702
@@ -800,6 +800,7 @@
 	RESERVED
 CVE-2012-5482
 	RESERVED
+	- glance <unfixed>
 CVE-2012-5481
 	RESERVED
 CVE-2012-5480
@@ -3459,43 +3460,43 @@
 CVE-2012-4501 (Citrix Cloud.com CloudStack, and Apache CloudStack pre-release, allows ...)
 	NOT-FOR-US: CloudStack
 CVE-2012-4500 (The Announcements module 6.x-1.x before 6.x-1.5 for Drupal allows ...)
-	TODO: check
+	NOT-FOR-US: Drupal addon not packaged in Debian
 CVE-2012-4499 (The contact formatter page in the Email Field module 6.x-1.x before ...)
-	TODO: check
+	NOT-FOR-US: Drupal addon not packaged in Debian
 CVE-2012-4498 (The Activism module 6.x-2.x before 6.x-2.1 for Drupal does not ...)
-	TODO: check
+	NOT-FOR-US: Drupal addon not packaged in Debian
 CVE-2012-4497 (Cross-site scripting (XSS) vulnerability in the "3 slide gallery" in ...)
-	TODO: check
+	NOT-FOR-US: Drupal addon not packaged in Debian
 CVE-2012-4496 (Cross-site scripting (XSS) vulnerability in the Custom Publishing ...)
-	TODO: check
+	NOT-FOR-US: Drupal addon not packaged in Debian
 CVE-2012-4495 (The Mime Mail module 6.x-1.x before 6.x-1.1 for Drupal does not ...)
-	TODO: check
+	NOT-FOR-US: Drupal addon not packaged in Debian
 CVE-2012-4494 (The Shibboleth authentication module 7.x-4.0 for Drupal does not ...)
-	TODO: check
+	NOT-FOR-US: Drupal addon not packaged in Debian
 CVE-2012-4493 (Cross-site scripting (XSS) vulnerability in the administrative ...)
-	TODO: check
+	NOT-FOR-US: Drupal addon not packaged in Debian
 CVE-2012-4492 (Multiple cross-site scripting (XSS) vulnerabilities in the Shorten ...)
-	TODO: check
+	NOT-FOR-US: Drupal addon not packaged in Debian
 CVE-2012-4491 (The Monthly Archive by Node Type module 6.x for Drupal does not ...)
-	TODO: check
+	NOT-FOR-US: Drupal addon not packaged in Debian
 CVE-2012-4490 (Multiple cross-site scripting (XSS) vulnerabilities in the Excluded ...)
-	TODO: check
+	NOT-FOR-US: Drupal addon not packaged in Debian
 CVE-2012-4489 (Open redirect vulnerability in the securelogin_secure_redirect ...)
-	TODO: check
+	NOT-FOR-US: Drupal addon not packaged in Debian
 CVE-2012-4488 (The Location module 6.x before 6.x-3.2 and 7.x before 7.x-3.0-alpha1 ...)
-	TODO: check
+	NOT-FOR-US: Drupal addon not packaged in Debian
 CVE-2012-4487 (The Subuser module before 6.x-1.8 for Drupal does not properly check ...)
-	TODO: check
+	NOT-FOR-US: Drupal addon not packaged in Debian
 CVE-2012-4486 (Cross-site request forgery (CSRF) vulnerability in the Subuser module ...)
-	TODO: check
+	NOT-FOR-US: Drupal addon not packaged in Debian
 CVE-2012-4485 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
-	TODO: check
+	NOT-FOR-US: Drupal addon not packaged in Debian
 CVE-2012-4484 (Cross-site scripting (XSS) vulnerability in the administrative ...)
-	TODO: check
+	NOT-FOR-US: Drupal addon not packaged in Debian
 CVE-2012-4483 (The commons_discussion_views_default_views function in ...)
-	TODO: check
+	NOT-FOR-US: Drupal addon not packaged in Debian
 CVE-2012-4482 (The Ubercart SecureTrading Payment Method module 6.x for Drupal does ...)
-	TODO: check
+	NOT-FOR-US: Drupal addon not packaged in Debian
 CVE-2012-4481
 	RESERVED
 	- ruby1.8 1.8.7.358-5 (bug #689945)


