[Secure-testing-commits] r20280 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Tue Oct 2 14:32:47 UTC 2012


Author: jmm
Date: 2012-10-02 14:32:47 +0000 (Tue, 02 Oct 2012)
New Revision: 20280

Modified:
   data/CVE/list
Log:
mysql mis-release was never in Debian
xmlrpc-c embeds expat, no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-10-02 13:53:12 UTC (rev 20279)
+++ data/CVE/list	2012-10-02 14:32:47 UTC (rev 20280)
@@ -2002,6 +2002,7 @@
 	- dracut <unfixed> (bug #688956)
 CVE-2012-4452
 	RESERVED
+	- mysql-dfsg-5.0 <not-affected> (Debian never included that 5.0.88 release)
 CVE-2012-4451 [php-ZendFramework: XSS vectors in multiple Zend Framework components ZF2012-03]
 	RESERVED
 	- zendframework <unfixed> (bug #688946)
@@ -2161,7 +2162,6 @@
 CVE-2012-4405 (Multiple integer underflows in the icmLut_allocate function in ...)
 	- argyll 1.4.0-7 (bug #687275)
 	- ghostscript 9.05~dfsg-6.1 (bug #687274)
-	NOTE: isolated security fix
 CVE-2012-4404 (security/__init__.py in MoinMoin 1.9 through 1.9.4 does not properly ...)
 	{DSA-2538-1}
 	- moin 1.9.4-8
@@ -9977,6 +9977,8 @@
 	NOTE: Since 3.3.0 openoffice.org is a transitional source package to migrate to libreoffice
 CVE-2012-1148 (Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat ...)
 	{DSA-2525-1}
+	- xmlrpc-c <unfixed> (low; bug #687672)
+	[squeeze] - xmlrpc-c <no-dsa> (Minor issue)
 	- expat 2.1.0~beta3-1 (bug #663579)
 CVE-2012-1147 (readfilemap.c in expat before 2.1.0 allows context-dependent attackers ...)
 	- expat <not-affected> (readfilemap.c is not used in *IX)
@@ -10661,6 +10663,8 @@
 CVE-2012-0876 (The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values ...)
 	{DSA-2525-1}
 	- expat 2.1.0~beta3-1 (bug #663579)
+	- xmlrpc-c <unfixed> (low; bug #687672)
+	[squeeze] - xmlrpc-c <no-dsa> (Minor issue)
 	- python2.6 <not-affected> (configured with --with-system-expat since 2.6.6-4)
 CVE-2012-0875 [systemtap invalid read leading to kernel DoS]
 	RESERVED




More information about the Secure-testing-commits mailing list