[Secure-testing-commits] r20351 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Mon Oct 15 14:06:23 UTC 2012 

Author: jmm
Date: 2012-10-15 14:06:23 +0000 (Mon, 15 Oct 2012)
New Revision: 20351

Modified:
   data/CVE/list
Log:
one ffmpeg issue doesn't affect libav
fix axis2c srcpkg name
fix srcpkg names of konqueror, not covered by securiy support


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-10-15 08:47:54 UTC (rev 20350)
+++ data/CVE/list	2012-10-15 14:06:23 UTC (rev 20351)
@@ -76,7 +76,7 @@
 CVE-2012-5352 (Java Open Single Sign-On Project Home (JOSSO) allows remote attackers ...)
 	NOT-FOR-US: josso
 CVE-2012-5351 (Apache Axis2 allows remote attackers to forge messages and bypass ...)
-	- libapache2-mod-axis2 <unfixed> (low; bug #690421)
+	- axis2c <unfixed> (low; bug #690421)
 CVE-2012-5350 (SQL injection vulnerability in the Pay With Tweet plugin before 1.2 ...)
 	NOT-FOR-US: wp Pay With Tweet plugin
 CVE-2012-5349 (Multiple cross-site scripting (XSS) vulnerabilities in pay.php in the ...)
@@ -2299,16 +2299,24 @@
 	- librdmacm <unfixed>
 CVE-2012-4515
 	RESERVED
-	- konqueror <unfixed>
+	- kdebase <removed> (unimportant)
+	- kde-baseapps <unfixed> (unimportant)
+	NOTE: Konqueror not supported security-wise
 CVE-2012-4514
 	RESERVED
-	- konqueror <unfixed>
+	- kdebase <removed> (unimportant)
+	- kde-baseapps <unfixed> (unimportant)
+	NOTE: Konqueror not supported security-wise
 CVE-2012-4513
 	RESERVED
-	- konqueror <unfixed>
+	- kdebase <removed> (unimportant)
+	- kde-baseapps <unfixed> (unimportant)
+	NOTE: Konqueror not supported security-wise
 CVE-2012-4512
 	RESERVED
-	- konqueror <unfixed>
+	- kdebase <removed> (unimportant)
+	- kde-baseapps <unfixed> (unimportant)
+	NOTE: Konqueror not supported security-wise
 CVE-2012-4511 [libsocialweb untrusted connection to flickr]
 	RESERVED
 	- libsocialweb <unfixed>
@@ -6493,8 +6501,7 @@
 	[squeeze] - ffmpeg <unfixed> (bug #688849)
 	- libav <unfixed> (bug #688847)
 CVE-2012-2782 (Unspecified vulnerability in the decode_slice_header function in ...)
-	[squeeze] - ffmpeg <unfixed> (bug #688849)
-	- libav <unfixed> (bug #688847)
+	- libav <not-affected> (Doesn't affect libav)
 CVE-2012-2781
 	RESERVED
 CVE-2012-2780

More information about the Secure-testing-commits mailing list