[Secure-testing-commits] r20580 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Fri Nov 30 15:04:58 UTC 2012
Author: jmm
Date: 2012-11-30 15:04:57 +0000 (Fri, 30 Nov 2012)
New Revision: 20580
Modified:
data/CVE/list
Log:
CRIME attack also affects QT
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-11-30 14:41:53 UTC (rev 20579)
+++ data/CVE/list 2012-11-30 15:04:57 UTC (rev 20580)
@@ -2863,6 +2863,8 @@
CVE-2012-4929 (The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google ...)
- iceweasel <not-affected> (Firefox ESV not use TLS/SSL compression)
- chromium-browser 22.0.1229.94~r161065-1
+ - qt4-x11 4:4.8.2+dfsg-3
+ [squeeze] - qt4-x11 <no-dsa> (Minor issue)
NOTE: Chromium fix: https://chromiumcodereview.appspot.com/10825183/
TODO: check openssl
CVE-2012-4928 (Cross-site scripting (XSS) vulnerability in ow_updates/index.php in ...)
@@ -4196,7 +4198,6 @@
RESERVED
- piwigo <unfixed>
[squeeze] - piwigo <not-affected> (vulnerable code not present)
- TODO: report
CVE-2012-4524 [xlockmore bypass]
RESERVED
- xlockmore <removed> (low)
More information about the Secure-testing-commits
mailing list