[Secure-testing-commits] r20094 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Wed Sep 5 05:26:30 UTC 2012 

Author: jmm
Date: 2012-09-05 05:26:30 +0000 (Wed, 05 Sep 2012)
New Revision: 20094

Modified:
   data/CVE/list
Log:
smarty3 issue also affects smarty
older chromium issues are fixed
kernel issues fixed in sid


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-09-05 04:41:35 UTC (rev 20093)
+++ data/CVE/list	2012-09-05 05:26:30 UTC (rev 20094)
@@ -1237,7 +1237,8 @@
 	NOT-FOR-US: Free Realty
 CVE-2012-4277 (Cross-site scripting (XSS) vulnerability in the ...)
 	- smarty3 3.1.10-1
-	TODO: check smarty 2 and embedded copies
+	- smarty <removed> (low)
+	TODO: check embedded copies
 CVE-2012-4276 (Unspecified vulnerability in Hitachi IT Operations Director 02-50-01 ...)
 	NOT-FOR-US: Hitachi IT Operations Director
 CVE-2012-4275 (Cross-site scripting (XSS) vulnerability in Hitachi IT Operations ...)
@@ -2814,7 +2815,7 @@
 	NOT-FOR-US: Joomla addon
 CVE-2012-3552
 	RESERVED
-	- linux <unfixed>
+	- linux 3.0-1
 	- linux-2.6 <removed>
 CVE-2012-3551
 	RESERVED
@@ -2939,7 +2940,7 @@
 	NOTE: http://www.munin-monitoring.org/ticket/1234
 CVE-2012-3511
 	RESERVED
-	- linux <unfixed>
+	- linux 3.2.23-1
 	- linux-2.6 <removed>
 CVE-2012-3510
 	RESERVED
@@ -4961,7 +4962,7 @@
 	NOTE: http://www.collabtive.o-dyn.de/blog/?p=426
 CVE-2012-2669 [hyper-v daemon fails to check origin of netlink messages]
 	RESERVED
-	- linux <unfixed>
+	- linux 3.2.23-1
 	[squeeze] - linux-2.6 <not-affected> (userspace daemon not yet present)
 	NOTE: https://bugzilla.novell.com/show_bug.cgi?id=761200
 CVE-2012-2668 (libraries/libldap/tls_m.c in OpenLDAP, possibly 2.4.31 and earlier, ...)
@@ -17481,44 +17482,42 @@
 	- libxml2 2.7.8.dfsg-9.1 (bug #674191)
 	NOTE: http://git.gnome.org/browse/libxml2/commit/?id=d8e1faeaa99c7a7c07af01c1c72de352eb590a3e
 CVE-2011-3101 (Google Chrome before 19.0.1084.46 on Linux does not properly mitigate ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.21~r139451-1
 	- icedove 10.0.5-1
 CVE-2011-3100 (Google Chrome before 19.0.1084.46 does not properly draw dash paths, ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.21~r139451-1
 CVE-2011-3099 (Use-after-free vulnerability in the PDF functionality in Google Chrome ...)
-	- chromium-browser <unfixed>
+	- chromium-browser <not-affected> (PDF viewer not included in Chromium)
 CVE-2011-3098 (Google Chrome before 19.0.1084.46 on Windows uses an incorrect search ...)
 	- chromium-browser <not-affected> (Windows-specific)
 CVE-2011-3097 (The PDF functionality in Google Chrome before 19.0.1084.46 allows ...)
 	- chromium-browser <not-affected> (PDF functionality not built)
 CVE-2011-3096 (Use-after-free vulnerability in Google Chrome before 19.0.1084.46 on ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.21~r139451-1
 CVE-2011-3095 (The OGG container in Google Chrome before 19.0.1084.46 allows remote ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.21~r139451-1
 CVE-2011-3094 (Google Chrome before 19.0.1084.46 does not properly handle Tibetan ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.21~r139451-1
 CVE-2011-3093 (Google Chrome before 19.0.1084.46 does not properly handle glyphs, ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.21~r139451-1
 CVE-2011-3092 (The regex implementation in Google V8, as used in Google Chrome before ...)
 	- libv8 <unfixed>
 CVE-2011-3091 (Use-after-free vulnerability in the IndexedDB implementation in Google ...)
-	- chromium-browser <unfixed>
-CVE-2011-3090 (Race condition in Google Chrome before 19.0.1084.46 allows remote ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.21~r139451-1
 CVE-2011-3089 (Use-after-free vulnerability in Google Chrome before 19.0.1084.46 ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.21~r139451-1
 CVE-2011-3088 (Google Chrome before 19.0.1084.46 does not properly draw hairlines, ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.21~r139451-1
 CVE-2011-3087 (Google Chrome before 19.0.1084.46 does not properly perform window ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.21~r139451-1
 CVE-2011-3086 (Use-after-free vulnerability in Google Chrome before 19.0.1084.46 ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.21~r139451-1
 CVE-2011-3085 (The Autofill feature in Google Chrome before 19.0.1084.46 does not ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.21~r139451-1
 CVE-2011-3084 (Google Chrome before 19.0.1084.46 does not use a dedicated process for ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.21~r139451-1
 CVE-2011-3083 (browser/profiles/profile_impl_io_data.cc in Google Chrome before ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.21~r139451-1
 CVE-2011-3082
 	RESERVED
 CVE-2011-3081 (Use-after-free vulnerability in Google Chrome before 18.0.1025.168 ...)

More information about the Secure-testing-commits mailing list