[Secure-testing-commits] r20413 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Mon Oct 29 08:29:03 UTC 2012 

Author: jmm
Date: 2012-10-29 08:29:02 +0000 (Mon, 29 Oct 2012)
New Revision: 20413

Modified:
   data/CVE/list
Log:
drupal7 fixed
eglibc fixed
new mozilla issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-10-29 08:05:11 UTC (rev 20412)
+++ data/CVE/list	2012-10-29 08:29:02 UTC (rev 20413)
@@ -619,7 +619,7 @@
 CVE-2012-5389
 	RESERVED
 CVE-2012-XXXX [drupal OpenID module arbitrary code execution]
-	- drupal7 <unfixed> (bug #690817)
+	- drupal7 7.14-1.1 (bug #690817)
 	- drupal6 <not-affected> (according to upstream)
 	NOTE: http://drupal.org/node/1815912
 CVE-2012-5388 (Cross-site scripting (XSS) vulnerability in wlcms-plugin.php in the ...)
@@ -3804,10 +3804,25 @@
 	RESERVED
 CVE-2012-4196
 	RESERVED
+	- iceweasel 10.0.10esr-1
+	- icedove 10.0.10-1
+	- iceape 2.7.10-1
+	[squeeze] - iceape <not-affected> (vulnerable code not present)
+	[squeeze] - iceweasel <not-affected> (vulnerable code not present)
+	[squeeze] - icedove <not-affected> (vulnerable code not present)
 CVE-2012-4195
 	RESERVED
+	- iceape <not-affected> (Only affects 16.x release from experimental)
+	- iceweasel <not-affected> (Only affects 16.x release from experimental)
+	- icedove <not-affected> (Only affects 16.x release from experimental)
 CVE-2012-4194
 	RESERVED
+	- iceape 2.7.10-1
+	- icedove 10.0.10-1
+	- iceweasel 10.0.10esr-1
+	[squeeze] - iceape <not-affected> (vulnerable code not present)
+	[squeeze] - iceweasel <not-affected> (vulnerable code not present)
+	[squeeze] - icedove <not-affected> (vulnerable code not present)
 CVE-2012-4193 (Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, ...)
 	- iceweasel 10.0.9esr-1
 	- icedove 10.0.9-1
@@ -5552,7 +5567,7 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2012/08/20/8
 	NOTE: https://bugzilla.novell.com/show_bug.cgi?id=776572
 CVE-2012-3480 (Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, ...)
-	- eglibc <unfixed> (bug #684889)
+	- eglibc 2.13-36 (bug #684889)
 	- glibc <removed> 
 CVE-2012-3479 (lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically ...)
 	- emacs23 23.4+1-4 (bug #684695)

More information about the Secure-testing-commits mailing list