[Secure-testing-commits] r20387 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Tue Oct 23 06:01:56 UTC 2012 

Author: jmm
Date: 2012-10-23 06:01:55 +0000 (Tue, 23 Oct 2012)
New Revision: 20387

Modified:
   data/CVE/list
Log:
mod_security fixed
linux fixed
some mozilla issues don't affect stable


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-10-23 05:20:48 UTC (rev 20386)
+++ data/CVE/list	2012-10-23 06:01:55 UTC (rev 20387)
@@ -2435,7 +2435,7 @@
 	RESERVED
 CVE-2012-4528
 	RESERVED
-	- modsecurity-apache <unfixed> (bug #691146)
+	- modsecurity-apache 2.6.6-5 (bug #691146)
 	- libapache-mod-security <removed>
 CVE-2012-4527
 	RESERVED
@@ -3328,6 +3328,9 @@
 	- iceweasel 10.0.8esr-1
 	- icedove 10.0.9-1
 	- iceape 2.7.9-1
+	[squeeze] - iceape <not-affected> (Vulnerable code not present)
+	[squeeze] - icedove <not-affected> (Vulnerable code not present)
+	[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
 CVE-2012-4186 (Heap-based buffer overflow in the nsWaveReader::DecodeAudioData ...)
 	- iceweasel 10.0.8esr-1
 	- icedove 10.0.9-1
@@ -3336,10 +3339,16 @@
 	- iceweasel 10.0.8esr-1
 	- icedove 10.0.9-1
 	- iceape 2.7.9-1
+	[squeeze] - iceape <not-affected> (Vulnerable code not present)
+	[squeeze] - icedove <not-affected> (Vulnerable code not present)
+	[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
 CVE-2012-4184 (The Chrome Object Wrapper (COW) implementation in Mozilla Firefox ...)
 	- iceweasel 10.0.8esr-1
 	- icedove 10.0.9-1
 	- iceape 2.7.9-1
+	[squeeze] - iceape <not-affected> (Vulnerable code not present)
+	[squeeze] - icedove <not-affected> (Vulnerable code not present)
+	[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
 CVE-2012-4183 (Use-after-free vulnerability in the DOMSVGTests::GetRequiredFeatures ...)
 	- iceweasel 10.0.8esr-1
 	- icedove 10.0.9-1
@@ -3352,6 +3361,9 @@
 	- iceweasel 10.0.8esr-1
 	- icedove 10.0.9-1
 	- iceape 2.7.9-1
+	[squeeze] - iceape <not-affected> (Vulnerable code not present)
+	[squeeze] - icedove <not-affected> (Vulnerable code not present)
+	[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
 CVE-2012-4180 (Heap-based buffer overflow in the ...)
 	- iceweasel 10.0.8esr-1
 	- icedove 10.0.9-1
@@ -3768,10 +3780,16 @@
 	- iceweasel 10.0.8esr-1
 	- icedove 10.0.9-1
 	- iceape 2.7.9-1
+	[squeeze] - iceape <not-affected> (Vulnerable code not present)
+	[squeeze] - icedove <not-affected> (Vulnerable code not present)
+	[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
 CVE-2012-3994 (Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, ...)
 	- iceweasel 10.0.8esr-1
 	- icedove 10.0.9-1
 	- iceape 2.7.9-1
+	[squeeze] - iceape <not-affected> (Vulnerable code not present)
+	[squeeze] - icedove <not-affected> (Vulnerable code not present)
+	[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
 CVE-2012-3993 (The Chrome Object Wrapper (COW) implementation in Mozilla Firefox ...)
 	- iceweasel 10.0.8esr-1
 	- icedove 10.0.9-1
@@ -3780,6 +3798,9 @@
 	- iceweasel 10.0.8esr-1
 	- icedove 10.0.9-1
 	- iceape 2.7.9-1
+	[squeeze] - iceape <not-affected> (Vulnerable code not present)
+	[squeeze] - icedove <not-affected> (Vulnerable code not present)
+	[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
 CVE-2012-3991 (Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, ...)
 	- iceweasel 10.0.8esr-1
 	- icedove 10.0.9-1
@@ -3796,6 +3817,9 @@
 	- iceweasel 10.0.8esr-1
 	- icedove 10.0.9-1
 	- iceape 2.7.9-1
+	[squeeze] - iceape <not-affected> (Vulnerable code not present)
+	[squeeze] - icedove <not-affected> (Vulnerable code not present)
+	[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
 CVE-2012-3987 (Mozilla Firefox before 16.0 on Android assigns chrome privileges to ...)
 	- iceweasel <not-affected> (Android-specific)
 CVE-2012-3986 (Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, ...)
@@ -3819,6 +3843,9 @@
 	- iceweasel 10.0.8esr-1
 	- icedove 10.0.9-1
 	- iceape 2.7.9-1
+	[squeeze] - iceape <not-affected> (Vulnerable code not present)
+	[squeeze] - icedove <not-affected> (Vulnerable code not present)
+	[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
 CVE-2012-4747 (Bugzilla 2.x and 3.x through 3.6.11, 3.7.x and 4.0.x before 4.0.8, ...)
 	- bugzilla <removed> (low)
 	[squeeze] - bugzilla <no-dsa> (Minor issue)
@@ -11188,7 +11215,7 @@
 	RESERVED
 CVE-2012-0957 [kernel: uts: stack memory leak in UNAME26]
 	RESERVED
-	- linux <unfixed>
+	- linux 3.2.32-1
 	- linux-2.6 <removed>
 	[squeeze] - linux-2.6 <not-affected> (Introduced in 3.0)
 	NOTE: https://lkml.org/lkml/2012/10/9/550

More information about the Secure-testing-commits mailing list