[Secure-testing-commits] r20083 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Mon Sep 3 10:33:22 UTC 2012
Author: jmm
Date: 2012-09-03 10:33:22 +0000 (Mon, 03 Sep 2012)
New Revision: 20083
Modified:
data/CVE/list
Log:
many new owncloud issues
new mono issue
two struts issues don't affect struts 1.2
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-09-03 10:13:07 UTC (rev 20082)
+++ data/CVE/list 2012-09-03 10:33:22 UTC (rev 20083)
@@ -885,35 +885,42 @@
- linux-2.6 <removed>
CVE-2012-4397
RESERVED
+ - owncloud 4.0.1debian-1
CVE-2012-4396
RESERVED
+ - owncloud 4.0.2debian-1
CVE-2012-4395
RESERVED
+ - owncloud 4.0.3debian-1
CVE-2012-4394
RESERVED
+ - owncloud 4.0.5debian-1 (bug #686567)
CVE-2012-4393
RESERVED
+ - owncloud 4.0.7debian-1 (bug #686567)
CVE-2012-4392
RESERVED
+ - owncloud 4.0.7debian-1 (bug #686567)
CVE-2012-4391
RESERVED
+ - owncloud 4.0.7debian-1 (bug #686567)
CVE-2012-4390
RESERVED
+ - owncloud 4.0.7debian-1 (bug #686567)
CVE-2012-4389
RESERVED
+ - owncloud 4.0.7debian-1 (bug #686567)
CVE-2012-4388 [php5 incomplete fix of CVE-2011-1398]
RESERVED
- php5 5.4.1~rc1-1
[squeeze] - php5 <not-affected> (CVE-2011-1398 was never fixed in squeeze)
CVE-2012-4387 [Apache Struts DoS]
RESERVED
- NOTE: check
- NOTE: http://www.openwall.com/lists/oss-security/2012/09/01/4
+ - libstruts1.2-java <not-affected> (Only affects Struts 2)
NOTE: http://struts.apache.org/2.x/docs/s2-011.html
CVE-2012-4386 [Apache Struts CSRF protection bypass]
RESERVED
- TODO: check
- NOTE: http://www.openwall.com/lists/oss-security/2012/09/01/4
+ - libstruts1.2-java <not-affected> (Only affects Struts 2)
NOTE: http://struts.apache.org/2.x/docs/s2-010.html
CVE-2012-4385 [letodms CSRF]
RESERVED
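Review bot: the nine new owncloud lines under CVE-2012-4397 through CVE-2012-4389 sit under entries that are still RESERVED and carry no bracketed summary or NOTE, so nothing here says which ownCloud issue each id covers or why the fixed versions range from 4.0.1debian-1 to 4.0.7debian-1. A short bracketed description, as on the CVE-2012-4388 line, or a NOTE pointing at the upstream advisory would make these verifiable; CVE-2012-4397, CVE-2012-4396 and CVE-2012-4395 also have no bug reference while the others cite bug #686567. In the two Struts entries the oss-security NOTE is removed along with the check marker; keeping that URL beside the s2-011 and s2-010 links would preserve the earlier reference.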
@@ -2784,6 +2791,7 @@
RESERVED
CVE-2012-3543
RESERVED
+ - mono <unfixed> (bug #686562)
CVE-2012-3542
RESERVED
- keystone 2012.1.1-5
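Review bot: the added mono line under CVE-2012-3543 gives only bug #686562; the entry is RESERVED with no summary, so the affected component and the reason for <unfixed> cannot be read from the list. Suggest a bracketed description on the CVE line or a NOTE with the upstream reference.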
@@ -5616,9 +5624,9 @@
{DSA-2460-1}
- asterisk 1:1.8.11.1~dfsg-1 (bug #670180)
CVE-2012-2398 (Cross-site scripting (XSS) vulnerability in files/ajax/download.php in ...)
- - owncloud 4.0.0debian-1
+ - owncloud 3.0.3-1
CVE-2012-2397 (Cross-site request forgery (CSRF) vulnerability in ownCloud 3.0.2 ...)
- - owncloud 4.0.0debian-1
+ - owncloud 3.0.3-1
CVE-2012-2396 (VideoLAN VLC media player 2.0.1 allows remote attackers to cause a ...)
- vlc <unfixed> (unimportant; bug #671727)
- taglib 1.7.2-1 (unimportant)
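Review bot: the replacement version 3.0.3-1 for CVE-2012-2398 and CVE-2012-2397 uses a different version scheme from the 4.0.0debian-1 it replaces, and nothing in the hunk says where the new fixed-in version comes from. Please confirm that 3.0.3-1 matches a version string that was actually uploaded, and add a NOTE naming the source, since the truncated description of CVE-2012-2398 does not show an affected version.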
@@ -5970,9 +5978,9 @@
CVE-2012-2271 (Buffer overflow in the InitLicenKeys function in a certain ActiveX ...)
NOT-FOR-US: SkinCrafter
CVE-2012-2270 (Open redirect vulnerability in index.php (aka the Login Page) in ...)
- - owncloud 4.0.0debian-1
+ - owncloud 3.0.3-1
CVE-2012-2269 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 3.0.0 ...)
- - owncloud 4.0.0debian-1
+ - owncloud 3.0.2-1
CVE-2011-5089 (Buffer overflow in the Security Login ActiveX controls in ICONICS ...)
NOT-FOR-US: ICONICS, BizViz
CVE-2011-5088 (The GENESIS32 IcoSetServer ActiveX control in ICONICS GENESIS32 9.21 ...)
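Review bot: CVE-2012-2269 is set to 3.0.2-1 while CVE-2012-2270 in the same hunk gets 3.0.3-1, and the visible description for CVE-2012-2269 mentions only ownCloud 3.0.0. If 3.0.2 is the intended fixed release, a NOTE saying so would keep this from reading as a typo for 3.0.3-1.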