[Secure-testing-commits] r20381 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Mon Oct 22 06:44:40 UTC 2012 

Author: jmm
Date: 2012-10-22 06:44:39 +0000 (Mon, 22 Oct 2012)
New Revision: 20381

Modified:
   data/CVE/list
Log:
mcrypt bugnum
one more iceweasel issue is fixed
extplorer fixed
revelation fixed, no-dsa for squeeze
new tor issue (fixed)


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-10-21 21:15:20 UTC (rev 20380)
+++ data/CVE/list	2012-10-22 06:44:39 UTC (rev 20381)
@@ -2435,7 +2435,7 @@
 	RESERVED
 CVE-2012-4527
 	RESERVED
-	- mcrypt <unfixed>
+	- mcrypt <unfixed> (bug #690924)
 CVE-2012-4526 [XSS in password.php, incomplete fix for CVE-2012-4525]
 	RESERVED
 	- piwigo <not-affected> (incomplete fix not applied to Debian package)
@@ -3336,7 +3336,7 @@
 	- icedove 10.0.9-1
 	- iceape 2.7.9-1
 CVE-2012-4183 (Use-after-free vulnerability in the DOMSVGTests::GetRequiredFeatures ...)
-	- iceweasel <unfixed>
+	- iceweasel 10.0.8esr-1
 	- icedove 10.0.9-1
 	- iceape <unfixed>
 CVE-2012-4182 (Use-after-free vulnerability in the nsTextEditRules::WillInsert ...)
@@ -4230,7 +4230,8 @@
 CVE-2012-3819 (Stack consumption vulnerability in dartwebserver.dll 1.9 and earlier, ...)
 	NOT-FOR-US: dartwebserver.dll
 CVE-2012-3818 (The fpm exporter in Revelation 0.4.13-2 and earlier encrypts the ...)
-	- revelation <unfixed> (bug #680059)
+	- revelation 0.4.13-1.2 (bug #680059)
+	[squeeze] - revelation <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3818
 	NOTE: http://knoxin.blogspot.co.uk/2012/06/revelation-password-manager-considered.html
 	NOTE: http://als.regnet.cz/fpm2/feedback/2
@@ -5068,7 +5069,7 @@
 CVE-2012-3455 (Heap-based buffer overflow in the read function in ...)
 	- koffice <removed>
 CVE-2012-3454 (eXtplorer 2.1.0b6 uses world writable permissions for the ...)
-	- extplorer <unfixed> (bug #683649)
+	- extplorer 2.1.0b6+dfsg.3-4 (bug #683649)
 CVE-2012-3453 (logol 1.5.0 uses world writable permissions for the ...)
 	- logol 1.5.0-4 (bug #683647)
 CVE-2012-3452 (gnome-screensaver 3.4.x before 3.4.4 and 3.5.x before 3.5.4, when ...)
@@ -8104,6 +8105,7 @@
 	RESERVED
 CVE-2012-2249
 	RESERVED
+	- tor 0.2.3.23-rc-1
 CVE-2012-2248 [build-influenced PATH set in dhclient]
 	RESERVED
 	- isc-dhcp 4.2.4-3 (bug #690532)

More information about the Secure-testing-commits mailing list