[Secure-testing-commits] r20499 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Fri Nov 16 10:35:32 UTC 2012


Author: jmm
Date: 2012-11-16 10:35:31 +0000 (Fri, 16 Nov 2012)
New Revision: 20499

Modified:
   data/CVE/list
Log:
mahara fixed (plus one new issue)
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-11-16 09:34:55 UTC (rev 20498)
+++ data/CVE/list	2012-11-16 10:35:31 UTC (rev 20499)
@@ -93,7 +93,7 @@
 CVE-2012-5828
 	RESERVED
 CVE-2012-5827 (Joomla! 2.5.x before 2.5.8 allows remote attackers to conduct ...)
-	TODO: check
+	- joomla <itp> (bug #571794)
 CVE-2012-5826
 	RESERVED
 CVE-2011-5243 (TwitterOAuth does not verify that the server hostname matches a domain ...)
@@ -980,9 +980,9 @@
 CVE-2012-5460
 	RESERVED
 CVE-2012-5459 (Untrusted search path vulnerability in VMware Workstation 8.x before ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2012-5458 (VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2012-5457
 	RESERVED
 CVE-2012-5456 (The Zoner AntiVirus Free application for Android does not verify that ...)
@@ -1054,7 +1054,7 @@
 CVE-2012-5425
 	RESERVED
 CVE-2012-5424 (Cisco Secure Access Control System (ACS) 5.x before 5.2 Patch 11 and ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2012-5423
 	RESERVED
 CVE-2012-5422
@@ -2376,13 +2376,13 @@
 CVE-2012-4854
 	RESERVED
 CVE-2012-4853 (Cross-site request forgery (CSRF) vulnerability in IBM WebSphere ...)
-	TODO: check
+	NOT-FOR-US: Websphere
 CVE-2012-4852
 	RESERVED
 CVE-2012-4851 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Application ...)
-	TODO: check
+	NOT-FOR-US: Websphere
 CVE-2012-4850 (IBM WebSphere Application Server 8.5 Liberty Profile before 8.5.0.1, ...)
-	TODO: check
+	NOT-FOR-US: Websphere
 CVE-2012-4849
 	RESERVED
 CVE-2012-4848
@@ -2540,7 +2540,7 @@
 CVE-2012-4776 (The Web Proxy Auto-Discovery (WPAD) functionality in Microsoft .NET ...)
 	TODO: check
 CVE-2012-4775 (Use-after-free vulnerability in Microsoft Internet Explorer 9 allows ...)
-	TODO: check
+	NOT-FOR-US: Internet Explorer
 CVE-2012-4774
 	RESERVED
 CVE-2012-4773 (Multiple cross-site request forgery (CSRF) vulnerabilities in Subrion ...)
@@ -9253,24 +9253,24 @@
 	NOTE: Debian-specific
 CVE-2012-2247
 	RESERVED
-	- mahara <unfixed>
+	- mahara 1.5.1-3
 	NOTE: https://mahara.org/interaction/forum/topic.php?id=4938
 	NOTE: https://bugs.launchpad.net/mahara/+bug/1061980
 CVE-2012-2246
 	RESERVED
-	- mahara <unfixed>
+	- mahara 1.5.1-3
 	NOTE: https://mahara.org/interaction/forum/topic.php?id=493
 	NOTE: https://bugs.launchpad.net/mahara/+bug/1057240
 CVE-2012-2245
 	RESERVED
 CVE-2012-2244
 	RESERVED
-	- mahara <unfixed>
+	- mahara 1.5.1-3
 	NOTE: https://mahara.org/interaction/forum/topic.php?id=4936
 	NOTE: https://bugs.launchpad.net/mahara/+bug/1057238
 CVE-2012-2243
 	RESERVED
-	- mahara <unfixed>
+	- mahara 1.5.1-3
 	NOTE: https://mahara.org/interaction/forum/topic.php?id=4937
 	NOTE: https://bugs.launchpad.net/mahara/+bug/1055232
 	NOTE: https://bugs.launchpad.net/mahara/+bug/1063480
@@ -9285,6 +9285,7 @@
 	- devscripts 2.12.3
 CVE-2012-2239
 	RESERVED
+	- mahara 1.5.1-3
 CVE-2012-2238
 	RESERVED
 	- tryton-server <not-affected> (only affected 2.4, in experimental)




More information about the Secure-testing-commits mailing list