[Secure-testing-commits] r20412 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Mon Oct 29 08:05:11 UTC 2012 

Author: jmm
Date: 2012-10-29 08:05:11 +0000 (Mon, 29 Oct 2012)
New Revision: 20412

Modified:
   data/CVE/list
Log:
tiff3 not-affected
mysql-5.5 fixed
kfreebsd-9 fixed
bind9 fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-10-27 14:35:21 UTC (rev 20411)
+++ data/CVE/list	2012-10-29 08:05:11 UTC (rev 20412)
@@ -621,7 +621,6 @@
 CVE-2012-XXXX [drupal OpenID module arbitrary code execution]
 	- drupal7 <unfixed> (bug #690817)
 	- drupal6 <not-affected> (according to upstream)
-	TODO: check
 	NOTE: http://drupal.org/node/1815912
 CVE-2012-5388 (Cross-site scripting (XSS) vulnerability in wlcms-plugin.php in the ...)
 	TODO: check
@@ -1130,7 +1129,7 @@
 	TODO: check
 CVE-2012-5166 (ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before ...)
 	{DSA-2560-1}
-	- bind9 <unfixed> (bug #690118)
+	- bind9 1:9.8.1.dfsg.P1-4.3 (bug #690118)
 CVE-2012-5165
 	RESERVED
 CVE-2012-5164 (Multiple cross-site scripting (XSS) vulnerabilities in Fork CMS before ...)
@@ -5341,7 +5340,7 @@
 	RESERVED
 CVE-2012-3549 (The SCTP implementation in FreeBSD 8.2 allows remote attackers to ...)
 	- kfreebsd-8 <unfixed> (bug #686961)
-	- kfreebsd-9 <unfixed> (bug #686962)
+	- kfreebsd-9 9.0-7 (bug #686962)
 	- kfreebsd-10 <unfixed> (bug #686963)
 	NOTE: http://www.exploit-db.com/exploits/20226/
 CVE-2012-3548 (The dissect_drda function in epan/dissectors/packet-drda.c in ...)
@@ -6313,7 +6312,7 @@
 	NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2012-3197 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
 	- mysql-5.1 <removed>
-	- mysql-5.5 <unfixed> (bug #690778)
+	- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
 CVE-2012-3196 (Unspecified vulnerability in the Oracle Human Resources component in ...)
 	NOT-FOR-US: Oracle E-Business Suite
 CVE-2012-3195 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
@@ -6348,14 +6347,14 @@
 	NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2012-3180 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
 	- mysql-5.1 <removed>
-	- mysql-5.5 <unfixed> (bug #690778)
+	- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
 CVE-2012-3179 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
 	NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2012-3178
 	RESERVED
 CVE-2012-3177 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
 	- mysql-5.1 <removed>
-	- mysql-5.5 <unfixed> (bug #690778)
+	- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
 CVE-2012-3176 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
 	NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2012-3175 (Unspecified vulnerability in the Oracle Application Server Single ...)
@@ -6364,7 +6363,7 @@
 	RESERVED
 CVE-2012-3173 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
 	- mysql-5.1 <removed>
-	- mysql-5.5 <unfixed> (bug #690778)
+	- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
 CVE-2012-3172
 	RESERVED
 CVE-2012-3171 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
@@ -6377,34 +6376,34 @@
 	RESERVED
 CVE-2012-3167 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
 	- mysql-5.1 <removed>
-	- mysql-5.5 <unfixed> (bug #690778)
+	- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
 CVE-2012-3166 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
 	- mysql-5.1 <removed>
-	- mysql-5.5 <unfixed> (bug #690778)
+	- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
 CVE-2012-3165 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 ...)
 	NOT-FOR-US: Oracle Sun Solaris
 CVE-2012-3164 (Unspecified vulnerability in the Oracle Marketing component in Oracle ...)
 	NOT-FOR-US: Oracle E-Business Suite
 CVE-2012-3163 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
 	- mysql-5.1 <removed>
-	- mysql-5.5 <unfixed> (bug #690778)
+	- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
 CVE-2012-3162 (Unspecified vulnerability in the Oracle Applications Framework ...)
 	NOT-FOR-US: Oracle E-Business Suite
 CVE-2012-3161 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
 	NOT-FOR-US: Oracle Supply Chain Products Suite
 CVE-2012-3160 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
 	- mysql-5.1 <removed>
-	- mysql-5.5 <unfixed> (bug #690778)
+	- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
 CVE-2012-3159 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	- openjdk-6 <unfixed> (bug #690774)
 	- openjdk-7 <unfixed> (bug #690774)
 CVE-2012-3158 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
 	- mysql-5.1 <removed>
-	- mysql-5.5 <unfixed> (bug #690778)
+	- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
 CVE-2012-3157 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
 	NOT-FOR-US: Oracle Financial Services Software
 CVE-2012-3156 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
-	- mysql-5.5 <unfixed> (bug #690778)
+	- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
 CVE-2012-3155 (Unspecified vulnerability in the CORBA ORB component in Sun GlassFish ...)
 	NOT-FOR-US: GlassFish Server
 CVE-2012-3154 (Unspecified vulnerability in the Oracle Agile PLM Framework component ...)
@@ -6417,19 +6416,19 @@
 	NOT-FOR-US: Oracle Database Server
 CVE-2012-3150 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
 	- mysql-5.1 <removed>
-	- mysql-5.5 <unfixed> (bug #690778)
+	- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
 CVE-2012-3149 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
-	- mysql-5.5 <unfixed> (bug #690778)
+	- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
 CVE-2012-3148 (Unspecified vulnerability in the Oracle Field Service component in ...)
 	NOT-FOR-US: Oracle E-Business Suite
 CVE-2012-3147 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
-	- mysql-5.5 <unfixed> (bug #690778)
+	- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
 CVE-2012-3146 (Unspecified vulnerability in the Core RDBMS component in Oracle ...)
 	NOT-FOR-US: Oracle Database Server
 CVE-2012-3145 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
 	NOT-FOR-US: Oracle Financial Services Software
 CVE-2012-3144 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
-	- mysql-5.5 <unfixed> (bug #690778)
+	- mysql-5.5 5.5.28+dfsg-1 (bug #690778)
 CVE-2012-3143 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	- openjdk-6 <unfixed> (bug #690774)
 	- openjdk-7 <unfixed> (bug #690774)
@@ -9014,7 +9013,7 @@
 CVE-2012-2113 (Multiple integer overflows in tiff2pdf in libtiff before 4.0.2 allow ...)
 	{DSA-2552-1}
 	- tiff 4.0.2-1 (bug #678140)
-	- tiff3 <unfixed>
+	- tiff3 <not-affected> (The tiff-tools package is only built from the tiff source package)
 CVE-2012-2112 (Cross-site scripting (XSS) vulnerability in the Exception Handler in ...)
 	{DSA-2455-1}
 	- typo3-src 4.5.15+dfsg1-1 (bug #669158)

More information about the Secure-testing-commits mailing list