[Secure-testing-commits] r20372 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Fri Oct 19 05:57:24 UTC 2012


Author: jmm
Date: 2012-10-19 05:57:24 +0000 (Fri, 19 Oct 2012)
New Revision: 20372

Modified:
   data/CVE/list
Log:
vbox fixed
zendframework not-affected
new mcrypt issue 


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-10-19 01:31:21 UTC (rev 20371)
+++ data/CVE/list	2012-10-19 05:57:24 UTC (rev 20372)
@@ -2303,6 +2303,7 @@
 	RESERVED
 CVE-2012-4527
 	RESERVED
+	- mcrypt <unfixed>
 CVE-2012-4526 [XSS in password.php, incomplete fix for CVE-2012-4525]
 	RESERVED
 	- piwigo <not-affected> (incomplete fix not applied to Debian package)
@@ -2506,7 +2507,7 @@
 	- mysql-dfsg-5.0 <not-affected> (Debian never included that 5.0.88 release)
 CVE-2012-4451 [php-ZendFramework: XSS vectors in multiple Zend Framework components ZF2012-03]
 	RESERVED
-	- zendframework <unfixed> (bug #688946)
+	- zendframework <not-affected> (Vulnerable code introduced in 2.x, #688946)
 CVE-2012-4450 (389 Directory Server 1.2.10 does not properly update the ACL when a DN ...)
 	- 389-ds-base 1.2.11.15-1 (bug #688942)
 	NOTE: Upstream ticket https://fedorahosted.org/389/ticket/340
@@ -5571,7 +5572,7 @@
 CVE-2012-3222 (Unspecified vulnerability in the Oracle iRecruitment component in ...)
 	NOT-FOR-US: Oracle E-Business Suite
 CVE-2012-3221 (Unspecified vulnerability in the Oracle VM Virtual Box component in ...)
-	- virtualbox <unfixed> (bug #690777)
+	- virtualbox 4.1.18-dfsg-1.1 (bug #690777)
 	- virtualbox-ose <removed>
 	NOTE: http://www.halfdog.net/Security/2012/VirtualBoxSoftwareInterrupt0x8GuestCrash/
 CVE-2012-3220




More information about the Secure-testing-commits mailing list