[Secure-testing-commits] r20568 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Wed Nov 28 09:03:12 UTC 2012 

Author: jmm
Date: 2012-11-28 09:03:12 +0000 (Wed, 28 Nov 2012)
New Revision: 20568

Modified:
   data/CVE/list
Log:
rssh fixed
mantis fixed
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-11-28 07:38:53 UTC (rev 20567)
+++ data/CVE/list	2012-11-28 09:03:12 UTC (rev 20568)
@@ -255,7 +255,7 @@
 CVE-2012-5936
 	RESERVED
 CVE-2011-5245 (The readFrom function in providers.jaxb.JAXBXmlTypeProvider in ...)
-	TODO: check
+	NOT-FOR-US: RESTEasy framework for JBoss
 CVE-2012-XXXX [phpcas curl usage]
 	- php-case <unfixed>
 	NOTE: https://github.com/Jasig/phpCAS/pull/58
@@ -418,13 +418,13 @@
 CVE-2012-5865
 	RESERVED
 CVE-2012-5864 (The management web pages on the Sinapsi eSolar Light Photovoltaic ...)
-	TODO: check
+	NOT-FOR-US: Sinapsi eSolar Light Photovoltaic System Monitor
 CVE-2012-5863 (ping.php on the Sinapsi eSolar Light Photovoltaic System Monitor (aka ...)
-	TODO: check
+	NOT-FOR-US: Sinapsi eSolar Light Photovoltaic System Monitor
 CVE-2012-5862 (login.php on the Sinapsi eSolar Light Photovoltaic System Monitor (aka ...)
-	TODO: check
+	NOT-FOR-US: Sinapsi eSolar Light Photovoltaic System Monitor
 CVE-2012-5861 (Multiple SQL injection vulnerabilities on the Sinapsi eSolar Light ...)
-	TODO: check
+	NOT-FOR-US: Sinapsi eSolar Light Photovoltaic System Monitor
 CVE-2012-5860 (Unspecified vulnerability on Oberthur ID-One COSMO 5.2, 5.2a, and 64 ...)
 	NOT-FOR-US: ID-One COSMO
 CVE-2012-XXXX [xscreensaver lock bypass]
@@ -675,13 +675,13 @@
 CVE-2012-5760
 	RESERVED
 CVE-2012-5759 (The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and ...)
-	TODO: check
+	NOT-FOR-US: Websphere
 CVE-2012-5758 (The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and ...)
-	TODO: check
+	NOT-FOR-US: Websphere
 CVE-2012-5757
 	RESERVED
 CVE-2012-5756 (The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and ...)
-	TODO: check
+	NOT-FOR-US: Websphere
 CVE-2012-5755
 	RESERVED
 CVE-2012-5754
@@ -1231,10 +1231,10 @@
 	RESERVED
 	- gajim <unfixed> (bug #693282)
 CVE-2012-5523 (core/email_api.php in MantisBT before 1.2.12 does not properly manage ...)
-	- mantis <unfixed> (bug #693283)
+	- mantis 1.2.11-1.2 (bug #693283)
 	NOTE: http://www.mantisbt.org/bugs/view.php?id=14704
 CVE-2012-5522 (MantisBT before 1.2.12 does not use an expected default value during ...)
-	- mantis <unfixed> (bug #693283)
+	- mantis 1.2.11-1.2 (bug #693283)
 	NOTE: http://www.mantisbt.org/bugs/view.php?id=14496
 CVE-2012-5521
 	RESERVED
@@ -9697,9 +9697,9 @@
 CVE-2012-2253 (Cross-site scripting (XSS) vulnerability in group/members.php in ...)
 	TODO: check
 CVE-2012-2252 [incorrect filtering of --rsh option]
-	- rssh <unfixed>
+	- rssh 2.3.3-6
 CVE-2012-2251 [incorrect filtering of rsync command line]
-	- rssh <unfixed>
+	- rssh 2.3.3-6
 CVE-2012-2250
 	RESERVED
 	- tor 0.2.3.24-rc-1

More information about the Secure-testing-commits mailing list