[Secure-testing-commits] r20296 - data/CVE
Raphael Geissert
geissert at alioth.debian.org
Sat Oct 6 05:43:03 UTC 2012
Author: geissert
Date: 2012-10-06 05:43:03 +0000 (Sat, 06 Oct 2012)
New Revision: 20296
Modified:
data/CVE/list
Log:
cross-reference some issues with their bug reports
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-10-06 01:56:10 UTC (rev 20295)
+++ data/CVE/list 2012-10-06 05:43:03 UTC (rev 20296)
@@ -2453,10 +2453,10 @@
NOTE: http://struts.apache.org/2.x/docs/s2-010.html
CVE-2012-4385 [letodms CSRF]
RESERVED
- - letodms 3.3.7+dfsg-1
+ - letodms 3.3.7+dfsg-1 (bug #689664)
CVE-2012-4384 [letodms XSS]
RESERVED
- - letodms 3.3.7+dfsg-1
+ - letodms 3.3.7+dfsg-1 (bug #689664)
CVE-2012-4383
RESERVED
NOT-FOR-US: Contao
@@ -4394,7 +4394,7 @@
CVE-2012-3525 (s2s/out.c in jabberd2 2.2.16 and earlier does not verify that a ...)
- jabberd2 <unfixed> (bug #685666)
CVE-2012-3524 (libdbus 1.5.x and earlier, when used in setuid or other privileged ...)
- - dbus 1.6.8-1
+ - dbus 1.6.8-1 (bug #689070)
- glib2.0 <unfixed>
[squeeze] - glib2.0 <not-affected> (Vulnerable code not present)
NOTE: fixed in 2.34.0-1 from experimental
@@ -26897,7 +26897,7 @@
NOT-FOR-US: Oracle Solaris
CVE-2011-0411 (The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x ...)
{DSA-2233-1}
- - postfix 2.8.0-1
+ - postfix 2.8.0-1 (bug #617849)
NOTE: http://www.securityfocus.com/archive/1/516901/30/0/threaded
NOTE: http://www.postfix.org/announcements/postfix-2.7.3.html
NOTE: http://www.postfix.org/CVE-2011-0411.html
@@ -104774,8 +104774,8 @@
CVE-2006-0198 (Cross-site scripting (XSS) vulnerability in a certain module, possibly ...)
NOT-FOR-US: XOOPS
CVE-2006-0197 (The XClientMessageEvent struct used in certain components of X.Org ...)
- - libx11 <undetermined>
- NOTE: Doesn't look like a security problem, see #349251
+ - libx11 <undetermined> (bug #349251)
+ NOTE: Doesn't look like a security problem, see bug report
CVE-2006-0196 (Unspecified vulnerability in Serial line sniffer (aka slsnif) 0.4.4 ...)
NOT-FOR-US: slsnif
CVE-2006-0195 (Interpretation conflict in the MagicHTML filter in SquirrelMail 1.4.0 ...)
More information about the Secure-testing-commits
mailing list