[Secure-testing-commits] r20504 - data/CVE

Michael Gilbert mgilbert at alioth.debian.org
Sun Nov 18 05:04:39 UTC 2012


Author: mgilbert
Date: 2012-11-18 05:04:39 +0000 (Sun, 18 Nov 2012)
New Revision: 20504

Modified:
   data/CVE/list
Log:
tomcat6 fixed

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-11-17 22:07:07 UTC (rev 20503)
+++ data/CVE/list	2012-11-18 05:04:39 UTC (rev 20504)
@@ -3813,6 +3813,7 @@
 CVE-2012-4428
 	RESERVED
 	- openslp-dfsg <unfixed> (bug #687597; low)
+	NOTE: no upstream solution as of 11/17/2012
 CVE-2012-4427 (The gnome-shell plugin 3.4.1 in GNOME allows remote attackers to force ...)
 	- gnome-shell <unfixed> (unimportant)
 	NOTE: I don't see much of a problem here, if you install from a repo, you need to trust it
@@ -6275,7 +6276,7 @@
 	- sudo <not-affected> (Red Hat-specific postinst script)
 CVE-2012-3439
 	RESERVED
-	- tomcat6 <unfixed> (bug #692439)
+	- tomcat6 6.0.35-5+nmu1 (bug #692439)
 	- tomcat7 <unfixed> (bug #692440)
 CVE-2012-3438 (The Magick_png_malloc function in coders/png.c in GraphicsMagick ...)
 	- graphicsmagick 1.3.16-1.1 (low; bug #683284)
@@ -8004,8 +8005,8 @@
 	NOT-FOR-US: Cumin
 CVE-2012-2733
 	RESERVED
-	- tomcat6 <unfixed> (bug #692439)
-	- tomcat7 <unfixed> (bug #692440)
+	- tomcat6 6.0.35-5+nmu1 (bug #692439)
+	- tomcat7 7.0.28-1 (bug #692440)
 CVE-2012-2732
 	REJECTED
 CVE-2012-2731 (The Ubercart AJAX Cart 6.x-2.x before 6.x-2.1 for Drupal stores the ...)




More information about the Secure-testing-commits mailing list