[Secure-testing-commits] r20097 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Wed Sep 5 16:04:45 UTC 2012 

Author: jmm
Date: 2012-09-05 16:04:44 +0000 (Wed, 05 Sep 2012)
New Revision: 20097

Modified:
   data/CVE/list
Log:
new xen issues
more chromium cleanups
dnsmasq fixed
fix version number for exif
inn2 is actually fixed, inn is not affected
mojarra non-issue
obby issue no-dsa for wheezy
"new" smarty issue


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-09-05 09:14:24 UTC (rev 20096)
+++ data/CVE/list	2012-09-05 16:04:44 UTC (rev 20097)
@@ -2903,8 +2903,8 @@
 	RESERVED
 CVE-2012-3523 [inn prone to STARTTLS plaintext command injection]
 	RESERVED
-	- inn <unfixed> (bug #685581)
-	- inn2 <unfixed>
+	- inn <not-affected> (STARTTLS was introduced in 2.3, see bug #685581)
+	- inn2 2.5.3-1 (bug #685581)
 CVE-2012-3522 [geshi XSS in contrib/langwiz.php]
 	RESERVED
 	- geshi <not-affected> (Vulnerable code not present, see bug #685323)
@@ -2928,8 +2928,11 @@
 	[squeeze] - tor <no-dsa> (Will be fixed in stable-proposed-updates)
 CVE-2012-3516
 	RESERVED
-CVE-2012-3515
+	- xen <not-affected> (Only affects >= 4.2)
+CVE-2012-3515 [Qemu VT100 emulation vulnerability]
 	RESERVED
+	- xen <unfixed> (bug #686764)
+	[squeeze] - xen <not-affected> (Vulnerable code not present)
 CVE-2012-3514 (OCaml Xml-Light Library before r234 computes hash values without ...)
 	- xml-light <unfixed> (bug #685584)
 CVE-2012-3513 [remote execution as www-data]
@@ -2985,16 +2988,23 @@
 	- devscripts 2.12.2
 CVE-2012-3499
 	RESERVED
-CVE-2012-3498
+CVE-2012-3498 [PHYSDEVOP_map_pirq index vulnerability]
 	RESERVED
-CVE-2012-3497
+	- xen <unfixed> (bug #686764)
+	[squeeze] - xen <not-affected> (Vulnerable code not present)
+CVE-2012-3497 [multiple TMEM hypercall vulnerabilities]
 	RESERVED
-CVE-2012-3496
+	- xen <unfixed> (bug #686764)
+CVE-2012-3496 [XENMEM_populate_physmap DoS vulnerability]
 	RESERVED
-CVE-2012-3495
+	- xen <unfixed> (bug #686764)
+CVE-2012-3495 [hypercall physdev_get_free_pirq vulnerability]
 	RESERVED
-CVE-2012-3494
+	- xen <unfixed> (bug #686764)
+	[squeeze] - xen <not-affected> (Vulnerable code not present)
+CVE-2012-3494 [hypercall set_debugreg vulnerability]
 	RESERVED
+	- xen <unfixed> (bug #686764)
 CVE-2012-3493
 	RESERVED
 CVE-2012-3492
@@ -3237,7 +3247,7 @@
 	- linux-2.6 <removed>
 CVE-2012-3411
 	RESERVED
-	- dnsmasq <unfixed> (low; bug #683372)
+	- dnsmasq 2.63-1 (low; bug #683372)
 	[squeeze] - dnsmasq <no-dsa> (Minor issue)
 CVE-2012-3410 (Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 ...)
 	- bash 4.2-4 (low)
@@ -4527,7 +4537,7 @@
 	- chromium-browser 21.0.1180.57~r148591
 	[squeeze] - chromium-browser <no-dsa> (minor issue)
 CVE-2012-2845 (Integer overflow in the jpeg_data_load_data function in jpeg-data.c in ...)
-	- exif 0.6.20-3 (low; bug #681465)
+	- exif 0.6.20-2 (low; bug #681465)
 	[squeeze] - exif <no-dsa> (Minor crasher)
 	NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229
 	NOTE: http://seclists.org/oss-sec/2012/q3/74
@@ -7070,11 +7080,9 @@
 CVE-2012-1847 (Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; ...)
 	NOT-FOR-US: Microsoft Excel
 CVE-2012-1846 (Google Chrome 17.0.963.66 and earlier allows remote attackers to ...)
-	- chromium-browser <unfixed>
-	NOTE: Very likely fixed, but exact fixed version unknown
+	- chromium-browser 20.0.1132.21~r139451-1
 CVE-2012-1845 (Use-after-free vulnerability in Google Chrome 17.0.963.66 and earlier ...)
-	- chromium-browser <unfixed>
-	NOTE: Very likely fixed, but exact fixed version unknown
+	- chromium-browser 20.0.1132.21~r139451-1
 CVE-2012-1844 (The Quantum Scalar i500 tape library with firmware before i7.0.3 ...)
 	NOT-FOR-US: Quantum Scalar
 CVE-2012-1843 (Cross-site request forgery (CSRF) vulnerability in saveRestore.htm on ...)
@@ -9889,8 +9897,7 @@
 CVE-2012-0696 (Multiple cross-site scripting (XSS) vulnerabilities in the Executive ...)
 	NOT-FOR-US: IBM Cognos
 CVE-2012-0695 (Multiple unspecified vulnerabilities in Google Chrome before ...)
-	- chromium-browser <unfixed>
-	- webkit <undetermined>
+	NOT-FOR-US: Google Chrome books
 CVE-2012-0694 [SugarCRM CE unserialize PHP code execution in multiple files]
 	RESERVED
 	- sugarcrm-ce-5.0 <itp> (bug #457876)
@@ -14397,6 +14404,7 @@
 CVE-2011-4092
 	RESERVED
 	- obby <unfixed> (low; bug #647317)
+	[wheezy] - obby <no-dsa> (Minor design limitation)
 	[lenny] - obby <no-dsa> (Minor design limitation)
 	[squeeze] - obby <no-dsa> (Minor design limitation)
 CVE-2011-4091
@@ -17467,17 +17475,17 @@
 CVE-2011-3110 (The PDF functionality in Google Chrome before 19.0.1084.52 allows ...)
 	- chromium-browser <not-affected> (PDF functionality not built)
 CVE-2011-3109 (Google Chrome before 19.0.1084.52 on Linux does not properly perform a ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.21~r139451-1
 CVE-2011-3108 (Use-after-free vulnerability in Google Chrome before 19.0.1084.52 ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.21~r139451-1
 CVE-2011-3107 (Google Chrome before 19.0.1084.52 does not properly implement ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.21~r139451-1
 CVE-2011-3106 (The WebSockets implementation in Google Chrome before 19.0.1084.52 ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.21~r139451-1
 CVE-2011-3105 (Use-after-free vulnerability in the Cascading Style Sheets (CSS) ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.21~r139451-1
 CVE-2011-3104 (Skia, as used in Google Chrome before 19.0.1084.52, allows remote ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 20.0.1132.21~r139451-1
 CVE-2011-3103 (Google V8, as used in Google Chrome before 19.0.1084.52, does not ...)
 	- libv8 <unfixed>
 CVE-2011-3102 (Off-by-one error in libxml2, as used in Google Chrome before ...)
@@ -19082,9 +19090,8 @@
 CVE-2011-2600 (The GPU support functionality in Windows XP does not properly restrict ...)
 	NOT-FOR-US: Windows XP
 CVE-2011-2599 (Google Chrome 11 does not block use of a cross-domain image as a WebGL ...)
-	- chromium-browser <unfixed>
+	- chromium-browser <unfixed> (unimportant)
 	[squeeze] - chromium-browser <not-affected>
-	- webkit <undetermined>
 CVE-2011-2598 (The WebGL implementation in Mozilla Firefox 4.x allows remote ...)
 	- xulrunner <not-affected> (Only affects Firefox 4.0, not yet in unstable)
 	- iceweasel <not-affected> (Only affects Firefox 4.0, not yet in unstable)
@@ -23656,6 +23663,9 @@
 	NOT-FOR-US: IBM
 CVE-2011-1028
 	RESERVED
+	- smarty3 3.0.8-1
+	- smarty <removed>
+	TODO: check embedded copies
 CVE-2011-1027 (Off-by-one error in the convert_query_hexchar function in html.c in ...)
 	NOT-FOR-US: cgit
 CVE-2011-1026 (Multiple cross-site request forgery (CSRF) vulnerabilities in Apache ...)
@@ -33772,7 +33782,8 @@
 CVE-2010-2088 (ASP.NET in Microsoft .NET 3.5 does not properly handle an unencrypted ...)
 	NOT-FOR-US: Microsoft .NET
 CVE-2010-2087 (Oracle Mojarra 1.2_14 and 2.0.2, as used in IBM WebSphere Application ...)
-	- mojarra <unfixed> (bug #611130)
+	- mojarra <unfixed> (unimportant; bug #611130)
+	NOTE: Affected feature is fundamentally insecure
 CVE-2010-2086 (Apache MyFaces 1.1.7 and 1.2.8, as used in IBM WebSphere Application ...)
 	NOT-FOR-US: Apache MyFaces
 CVE-2010-2085 (The default configuration of ASP.NET in Microsoft .NET before 1.1 has ...)

More information about the Secure-testing-commits mailing list