[Secure-testing-commits] r20413 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Mon Oct 29 08:29:03 UTC 2012
Author: jmm
Date: 2012-10-29 08:29:02 +0000 (Mon, 29 Oct 2012)
New Revision: 20413
Modified:
data/CVE/list
Log:
drupal7 fixed
eglibc fixed
new mozilla issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-10-29 08:05:11 UTC (rev 20412)
+++ data/CVE/list 2012-10-29 08:29:02 UTC (rev 20413)
@@ -619,7 +619,7 @@
CVE-2012-5389
RESERVED
CVE-2012-XXXX [drupal OpenID module arbitrary code execution]
- - drupal7 <unfixed> (bug #690817)
+ - drupal7 7.14-1.1 (bug #690817)
- drupal6 <not-affected> (according to upstream)
NOTE: http://drupal.org/node/1815912
CVE-2012-5388 (Cross-site scripting (XSS) vulnerability in wlcms-plugin.php in the ...)
@@ -3804,10 +3804,25 @@
RESERVED
CVE-2012-4196
RESERVED
+ - iceweasel 10.0.10esr-1
+ - icedove 10.0.10-1
+ - iceape 2.7.10-1
+ [squeeze] - iceape <not-affected> (vulnerable code not present)
+ [squeeze] - iceweasel <not-affected> (vulnerable code not present)
+ [squeeze] - icedove <not-affected> (vulnerable code not present)
CVE-2012-4195
RESERVED
+ - iceape <not-affected> (Only affects 16.x release from experimental)
+ - iceweasel <not-affected> (Only affects 16.x release from experimental)
+ - icedove <not-affected> (Only affects 16.x release from experimental)
CVE-2012-4194
RESERVED
+ - iceape 2.7.10-1
+ - icedove 10.0.10-1
+ - iceweasel 10.0.10esr-1
+ [squeeze] - iceape <not-affected> (vulnerable code not present)
+ [squeeze] - iceweasel <not-affected> (vulnerable code not present)
+ [squeeze] - icedove <not-affected> (vulnerable code not present)
CVE-2012-4193 (Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, ...)
- iceweasel 10.0.9esr-1
- icedove 10.0.9-1
@@ -5552,7 +5567,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2012/08/20/8
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=776572
CVE-2012-3480 (Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, ...)
- - eglibc <unfixed> (bug #684889)
+ - eglibc 2.13-36 (bug #684889)
- glibc <removed>
CVE-2012-3479 (lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically ...)
- emacs23 23.4+1-4 (bug #684695)
More information about the Secure-testing-commits
mailing list