[Secure-testing-commits] r20269 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Mon Oct 1 08:59:48 UTC 2012 

Author: jmm
Date: 2012-10-01 08:59:48 +0000 (Mon, 01 Oct 2012)
New Revision: 20269

Modified:
   data/CVE/list
Log:
more fixes from 6.0.6


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-10-01 08:33:17 UTC (rev 20268)
+++ data/CVE/list	2012-10-01 08:59:48 UTC (rev 20269)
@@ -2595,7 +2595,7 @@
 	RESERVED
 	- nvidia-graphics-drivers 304.37-1 (bug #684781)
 	- nvidia-graphics-drivers-legacy-173xx 173.14.35-3
-	[squeeze] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
+	[squeeze] - nvidia-graphics-drivers 195.36.31-6squeeze2 
 	[squeeze] - nvidia-graphics-drivers-legacy-173xx <no-dsa> (Non-free not supported)
 	NOTE: http://seclists.org/fulldisclosure/2012/Aug/4
 	NOTE: http://nvidia.custhelp.com/app/answers/detail/a_id/3140
@@ -4182,7 +4182,7 @@
 CVE-2012-3521 [geshi information disclosure in contrib/cssgen.php]
 	RESERVED
 	- geshi 1.0.8.4-2 (bug #685324)
-	[squeeze] - geshi <no-dsa> (shipped as example/.gz)
+	[squeeze] - geshi 1.0.8.4-1+squeeze1
 CVE-2012-3520
 	RESERVED
 	- linux 3.2.29-1
@@ -4190,14 +4190,14 @@
 CVE-2012-3519 (routerlist.c in Tor before 0.2.2.38 uses a different amount of time ...)
 	{DSA-2548-1}
 	- tor 0.2.3.20-rc-1 (low)
-	[squeeze] - tor <no-dsa> (Will be fixed in stable-proposed-updates)
+	[squeeze] - tor 0.2.2.38-1
 CVE-2012-3518 (The networkstatus_parse_vote_from_string function in routerparse.c in ...)
 	{DSA-2548-1}
 	- tor 0.2.3.20-rc-1 (low)
-	[squeeze] - tor <no-dsa> (Will be fixed in stable-proposed-updates)
+	[squeeze] - tor 0.2.2.38-1
 CVE-2012-3517 (Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might ...)
 	- tor 0.2.3.20-rc-1 (low)
-	[squeeze] - tor <no-dsa> (Will be fixed in stable-proposed-updates)
+	[squeeze] - tor 0.2.2.38-1
 CVE-2012-3516
 	RESERVED
 	- xen <not-affected> (Only affects >= 4.2)
@@ -4632,13 +4632,13 @@
 CVE-2012-3386 (The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x ...)
 	- automake 1:1.4-p6-13.1
 	- automake1.10 1:1.10.3-3
-	[squeeze] - automake1.10 <no-dsa> (Minor issue)
+	[squeeze] - automake1.10 1:1.10.3-1+squeeze1
 	- automake1.11 1:1.11.6-1 (bug #681097)
 	[squeeze] - automake1.11 1:1.11.1-1+squeeze1
 	- automake1.7 1.7.9-10
-	[squeeze] - automake1.7 <no-dsa> (Minor issue)
+	[squeeze] - automake1.7 1.7.9-9.1+squeeze1
 	- automake1.9 1.9.6+nogfdl-4
-	[squeeze] - automake1.9 <no-dsa> (Minor issue)
+	[squeeze] - automake1.9 1.9.6+nogfdl-3.1+squeeze1
 CVE-2012-3385 (WordPress before 3.4.1 does not properly restrict access to post ...)
 	- wordpress 3.4.1+dfsg-1 (bug #680721)
 	NOTE: http://www.openwall.com/lists/oss-security/2012/07/02/1
@@ -6256,7 +6256,7 @@
 	- php5 5.4.4-4 (low; bug #683274)
 CVE-2012-2687 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
 	- apache2 2.2.22-8 (low)
-	[squeeze] - apache2 <no-dsa> (minor issue)
+	[squeeze] - apache2 2.2.16-6+squeeze8
 CVE-2012-2686
 	RESERVED
 CVE-2012-2685
@@ -6292,6 +6292,7 @@
 	NOT-FOR-US: Android libc
 CVE-2012-2673 (Multiple integer overflows in the (1) GC_generic_malloc and (2) calloc ...)
 	- libgc 1:7.1-9 (bug #677195)
+	[squeeze] - libgc 1:6.8-2
 CVE-2012-2672 (Oracle Mojarra 2.1.7 does not properly "clean up" the FacesContext ...)
 	- mojarra <not-affected> (Only affected in combination with EAP6/AS7 application servers, bug #677194)
 CVE-2012-2671 (The Rack::Cache rubygem 0.3.0 through 1.1 caches Set-Cookie and other ...)
@@ -6785,7 +6786,7 @@
 	NOT-FOR-US: Netsweeper WebAdmin Portal
 CVE-2012-2451 (The Config::IniFiles module before 2.71 for Perl creates temporary ...)
 	- libconfig-inifiles-perl 2.72-1 (bug #671255; low)
-	[squeeze] - libconfig-inifiles-perl <no-dsa> (Will be fixed in spu upload)
+	[squeeze] - libconfig-inifiles-perl 2.52-1+squeeze1
 	NOTE: https://bitbucket.org/shlomif/perl-config-inifiles/changeset/a08fa26f4f59
 	NOTE: http://seclists.org/oss-sec/2012/q2/225
 CVE-2012-2445
@@ -57634,7 +57635,7 @@
 	[etch] - uw-imap <not-affected> (Vulnerable code not present)
 	- alpine 2.02-3.1 (low)
 	[lenny] - alpine <no-dsa> (Minor issue)
-	[squeeze] - alpine <no-dsa> (Minor issue)
+	[squeeze] - alpine  2.00+dfsg-6+squeeze1
 CVE-2008-5513 (Unspecified vulnerability in the session-restore feature in Mozilla ...)
 	{DSA-1707-1}
 	- iceweasel 3.0.5-1

More information about the Secure-testing-commits mailing list