[Secure-testing-commits] r20342 - data/CVE

Thijs Kinkhorst thijs at alioth.debian.org
Sat Oct 13 20:38:40 UTC 2012 

Author: thijs
Date: 2012-10-13 20:38:39 +0000 (Sat, 13 Oct 2012)
New Revision: 20342

Modified:
   data/CVE/list
Log:
ruby cve assigned
webcalendar removed
new iceweasel cve
condor issues unimportant but fixed in exp


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-10-13 13:34:24 UTC (rev 20341)
+++ data/CVE/list	2012-10-13 20:38:39 UTC (rev 20342)
@@ -1,14 +1,11 @@
-CVE-2012-XXXX [ruby Unintentional file creation caused by inserting a illegal NUL character]
-	- ruby1.8 <unfixed>
-	- ruby1.9.1 <unfixed>
 CVE-2012-5386 (Directory traversal vulnerability in index.php in phpPaleo 4.8b180 ...)
-	TODO: check
+	NOT-FOR-US: phpPaleo
 CVE-2012-5385 (install/index.php in Craig Knudsen WebCalendar before 1.2.5 allows ...)
-	TODO: check
+	- webcalendar <removed>
 CVE-2012-5384 (Multiple cross-site scripting (XSS) vulnerabilities in Craig Knudsen ...)
-	TODO: check
+	- webcalendar <removed>
 CVE-2012-5376 (The Inter-process Communication (IPC) implementation in Google Chrome ...)
-	TODO: check
+	- chromium-browser <unfixed>
 CVE-2012-5375
 	RESERVED
 CVE-2012-5374
@@ -48,11 +45,13 @@
 CVE-2012-5357
 	RESERVED
 CVE-2012-5356 (The apt-add-repository tool in Ubuntu Software Properties 0.75.x ...)
-	TODO: check
+	NOT-FOR-US: apt-add-repository
 CVE-2012-5355 (welcome.py in xdiagnose before 2.5.2ubuntu0.1 allows local users to ...)
-	TODO: check
+	NOT-FOR-US: xdiagnose
 CVE-2012-5354 (Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey ...)
-	TODO: check
+	- iceweasel <unfixed>
+	- icedove <unfixed>
+	- iceape <unfixed>
 CVE-2012-5383 (** DISPUTED ** Untrusted search path vulnerability in the installation ...)
 	- mysql-5.1 <not-affected> (Windows issue only)
 	- mysql-5.5 <not-affected> (Windows issue only)
@@ -419,11 +418,11 @@
 CVE-2012-5198
 	RESERVED
 CVE-2011-5202 (BazisVirtualCDBus.sys in WinCDEmu 3.6 allows local users to cause a ...)
-	TODO: check
+	NOT-FOR-US: WinCDEmu
 CVE-2012-5197 (Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and ...)
-	TODO: check
+	- condor 7.8.2~dfsg.1-1+deb7u1 (unimportant)
 CVE-2012-5196 (Multiple buffer overflows in Condor 7.6.x before 7.6.10 and 7.8.x ...)
-	TODO: check
+	- condor 7.8.2~dfsg.1-1+deb7u1 (unimportant)
 CVE-2012-5195 [perl: segfaults when echoing a very long string]
 	RESERVED
 	- perl 5.14.2-14 (bug #689314)
@@ -2278,8 +2277,10 @@
 	RESERVED
 CVE-2012-4523
 	RESERVED
-CVE-2012-4522
+CVE-2012-4522 [ruby Unintentional file creation caused by inserting a illegal NUL character]
 	RESERVED
+	- ruby1.8 <unfixed>
+	- ruby1.9.1 <unfixed>
 CVE-2012-4521 [rejected dupe assignment]
 	RESERVED
 CVE-2012-4520

More information about the Secure-testing-commits mailing list