[Secure-testing-commits] r20088 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Tue Sep 4 07:02:32 UTC 2012
Author: jmm
Date: 2012-09-04 07:02:32 +0000 (Tue, 04 Sep 2012)
New Revision: 20088
Modified:
data/CVE/list
Log:
munin fixed
new GCC issue
one openjdk issue also affects openjdk6
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-09-03 23:42:11 UTC (rev 20087)
+++ data/CVE/list 2012-09-04 07:02:32 UTC (rev 20088)
@@ -2887,12 +2887,12 @@
- xml-light <unfixed> (bug #685584)
CVE-2012-3513 [remote execution as www-data]
RESERVED
- - munin <unfixed> (bug #684076)
+ - munin 2.0.6-1 (bug #684076)
[squeeze] - munin <not-affected> (vulnerable code introduced in 2.x)
NOTE: http://www.munin-monitoring.org/ticket/1238
CVE-2012-3512 [local privilege escalation munin to root]
RESERVED
- - munin <unfixed> (bug #684075)
+ - munin 2.0.6-1 (bug #684075)
NOTE: http://www.munin-monitoring.org/ticket/1234
CVE-2012-3511
RESERVED
@@ -7425,7 +7425,7 @@
NOT-FOR-US: Solaris
CVE-2012-1682 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
- openjdk-7 <unfixed>
- - openjdk-6 <not-affected>
+ - openjdk-6 <unfixed>
CVE-2012-1681 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 ...)
NOT-FOR-US: Solaris
CVE-2012-1680
@@ -10956,6 +10956,12 @@
RESERVED
CVE-2002-2439
RESERVED
+ - gcc-4.1 <removed>
+ - gcc-4.3 <removed>
+ - gcc-4.4 <unfixed>
+ - gcc-4.6 <unfixed>
+ NOTE: Are there apps known to be exploitable through this?
+ NOTE: Any application using unguarded memory allocation would be susceptible to DoS anyway?
CVE-2002-2438
RESERVED
NOT-FOR-US: ancient linux 2.4 issue
More information about the Secure-testing-commits
mailing list