[Secure-testing-commits] r20115 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Fri Sep 7 15:53:22 UTC 2012
Author: jmm
Date: 2012-09-07 15:53:21 +0000 (Fri, 07 Sep 2012)
New Revision: 20115
Modified:
data/CVE/list
Log:
remove more webkit <unfixed> entries, no longer supported/tracked
wireshark fixed
rt-authen-externalauth fixed
mark disputed wordpress issues as unimportant
python2.7 hash collision issue already fixed in rc1, i.e. testing
embedded expat only used up to python2.6
plupload issue was fixed in wordpress a while ago
GCC new int overflow no-dsa (fw, please add info if you find anything missing
or disagree)
fix fixed version for horizon
mark okular as fixed, see NOTE for details
an additional, split-off roundcube issue was fixed along with the original ID
fix swftools entry
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-09-07 06:15:16 UTC (rev 20114)
+++ data/CVE/list 2012-09-07 15:53:21 UTC (rev 20115)
@@ -114,11 +114,11 @@
CVE-2012-4743 (Multiple SQL injection vulnerabilities in ssearch.php in Siche search ...)
NOT-FOR-US: Zeroboard
CVE-2012-4742 (The web_node_register function in web.pm in PacketFence before 3.0.2 ...)
- TODO: check
+ NOT-FOR-US: PacketFence
CVE-2012-4741 (The RADIUS extension in PacketFence before 3.3.0 uses a different user ...)
- TODO: check
+ NOT-FOR-US: PacketFence
CVE-2012-4740 (Cross-site scripting (XSS) vulnerability in the captive portal in ...)
- TODO: check
+ NOT-FOR-US: PacketFence
CVE-2012-4739 (Multiple cross-site scripting (XSS) vulnerabilities in Barracuda SSL ...)
NOT-FOR-US: Barracuda SSL VPN
CVE-2012-4738
@@ -1849,13 +1849,13 @@
CVE-2012-4050 (Multiple unspecified vulnerabilities in Google Chrome OS before ...)
NOT-FOR-US: Google Chrome OS
CVE-2012-4049 (epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.4.x ...)
- - wireshark <unfixed>
+ - wireshark 1.8.2-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: http://www.wireshark.org/security/wnpa-sec-2012-12.html
NOTE: http://www.openwall.com/lists/oss-security/2012/07/24/1
NOTE: http://www.openwall.com/lists/oss-security/2012/07/24/2
CVE-2012-4048 (The PPP dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before ...)
- - wireshark <unfixed> (bug #680056)
+ - wireshark 1.8.2-1 (bug #680056)
NOTE: http://www.wireshark.org/security/wnpa-sec-2012-11.html
NOTE: http://www.openwall.com/lists/oss-security/2012/07/24/1
NOTE: http://www.openwall.com/lists/oss-security/2012/07/24/2
@@ -2947,7 +2947,7 @@
CVE-2012-3541
RESERVED
CVE-2012-3540 (Open redirect vulnerability in views/auth_forms.py in OpenStack ...)
- - horizon 2012.1.1-5 (bug #686050)
+ - horizon 2012.1.1-4 (bug #686050)
CVE-2012-3539
REJECTED
CVE-2012-3538
@@ -3043,7 +3043,7 @@
NOTE: http://gcc.gnu.org/bugzilla/show_bug.cgi?id=54411
TODO: track down the affected packages
CVE-2012-4668 (Cross-site scripting (XSS) vulnerability in Roundcube Webmail 0.8.1 ...)
- - roundcube <unfixed> (bug #685475)
+ - roundcube 0.7.2-4 (bug #685475)
[squeeze] - roundcube <not-affected> (Vulnerable code not present)
NOTE: http://trac.roundcube.net/ticket/1488613
CVE-2012-3508 (Cross-site scripting (XSS) vulnerability in program/lib/washtml.php in ...)
@@ -3317,8 +3317,7 @@
CVE-2012-3415
RESERVED
- plpupload <itp> (bug #668396)
- - wordpress <unfixed>
- TODO: check wordpress' embedded copy
+ - wordpress 3.3.2
CVE-2012-3414 [libjs-swfupload]
RESERVED
- libjs-swfupload 2.2.0.1+ds1-2 (low; bug #681323)
@@ -4808,7 +4807,7 @@
CVE-2012-2771
RESERVED
CVE-2012-2770 (The Authen::ExternalAuth extension before 0.11 for Best Practical ...)
- - rt-authen-externalauth <unfixed> (bug #683288)
+ - rt-authen-externalauth 0.10-2 (bug #683288)
CVE-2012-2769 (Multiple cross-site scripting (XSS) vulnerabilities in the topic ...)
- request-tracker4 4.0.6-1
NOTE: bundled in RT4
@@ -8772,7 +8771,7 @@
RESERVED
- python2.5 <removed> (low)
- python2.6 2.6.8-0.1 (low)
- - python2.7 2.7.3-1 (low)
+ - python2.7 2.7.3~rc1-1 (low)
- python3.2 3.2.3-1 (low)
- python3.1 <removed> (low)
[squeeze] - python2.5 <no-dsa> (Minor issue)
@@ -9474,10 +9473,6 @@
{DSA-2525-1}
- expat 2.1.0~beta3-1 (bug #663579)
- python2.6 2.6.8-0.1
- - python2.7 <unfixed>
- NOTE: python2.7 probably does not use embedded expat copy
- - python3.1 <unfixed>
- - python3.2 <unfixed>
CVE-2012-0875 [systemtap invalid read leading to kernel DoS]
RESERVED
- systemtap 1.7-1 (low; bug #660929; bug #660886)
@@ -9767,7 +9762,7 @@
CVE-2012-0783
RESERVED
CVE-2012-0782 (** DISPUTED ** Multiple cross-site scripting (XSS) vulnerabilities in ...)
- - wordpress <unfixed>
+ - wordpress <unfixed> (unimportant)
NOTE: https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt
CVE-2012-0781 (The tidy_diagnose function in PHP 5.3.8 might allow remote attackers ...)
{DSA-2408-1}
@@ -10012,8 +10007,7 @@
CVE-2012-0677 (Heap-based buffer overflow in Apple iTunes before 10.6.3 allows remote ...)
NOT-FOR-US: Apple iTunes
CVE-2012-0676 (WebKit in Apple Safari before 5.1.7 does not properly track state ...)
- - webkit <unfixed>
- NOTE: http://packetstormsecurity.sebug.net/files/download/112596/APPLE-SA-2012-05-09-2.txt
+ NOT-FOR-US: Apple Safari
CVE-2012-0675 (Time Machine in Apple Mac OS X before 10.7.4 does not require ...)
NOT-FOR-US: Time Machine
CVE-2012-0674 (Safari in Apple iOS before 5.1.1 allows remote attackers to spoof the ...)
@@ -10021,7 +10015,6 @@
CVE-2012-0673
RESERVED
CVE-2012-0672 (WebKit in Apple iOS before 5.1.1 allows remote attackers to execute ...)
- - webkit <unfixed>
NOTE: http://dl.packetstormsecurity.net/1205-advisories/APPLE-SA-2012-05-09-2.txt
CVE-2012-0671 (Apple QuickTime before 7.7.2 allows remote attackers to execute ...)
NOT-FOR-US: Apple QuickTime
@@ -11070,11 +11063,18 @@
CVE-2002-2439
RESERVED
- gcc-4.1 <removed>
+ [squeeze] - gcc-4.1 <no-dsa> (Potentially affected apps need to be recompiled, if such issues are spotted in apps, these cases can be fixed on a case-by-case basis)
- gcc-4.3 <removed>
+ [squeeze] - gcc-4.3 <no-dsa> (Potentially affected apps need to be recompiled, if such issues are spotted in apps, these cases can be fixed on a case-by-case basis)
- gcc-4.4 <unfixed>
+ [squeeze] - gcc-4.4 <no-dsa> (Potentially affected apps need to be recompiled, if such issues are spotted in apps, these cases can be fixed on a case-by-case basis)
+ [wheezy] - gcc-4.4 <no-dsa> (Potentially affected apps need to be recompiled, if such issues are spotted in apps, these cases can be fixed on a case-by-case basis)
- gcc-4.6 <unfixed>
+ [wheezy] - gcc-4.6 <no-dsa> (Potentially affected apps need to be recompiled, if such issues are spotted in apps, these cases can be fixed on a case-by-case basis)
NOTE: Are there apps known to be exploitable through this?
NOTE: Any application using unguarded memory allocation would be susceptible to DoS anyway?
+ NOTE: This should be addressed in jessie by getting this fixed in gcc 4.7, so that the archive is
+ NOTE: properly rebuild with a fixed version from the start
CVE-2002-2438
RESERVED
NOT-FOR-US: ancient linux 2.4 issue
@@ -11539,10 +11539,10 @@
CVE-2011-4905 (Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial ...)
- activemq 5.5.0+dfsg-5 (bug #655495)
CVE-2011-4899 (** DISPUTED ** wp-admin/setup-config.php in the installation component ...)
- - wordpress <unfixed>
+ - wordpress <unfixed> (unimportant)
NOTE: https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt
CVE-2011-4898 (** DISPUTED ** wp-admin/setup-config.php in the installation component ...)
- - wordpress <unfixed>
+ - wordpress <unfixed> (unimportant)
NOTE: https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt
CVE-2010-5081 (Stack-based buffer overflow in Mini-Stream RM-MP3 Converter 3.1.2.1 ...)
NOT-FOR-US: Mini-Stream RM-MP3 Converter
@@ -16732,7 +16732,6 @@
- iceweasel <not-affected>
NOTE: http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/
- chromium-browser 15.0.874.106~r107270-1
- - webkit <unfixed>
- lighttpd 1.4.30-1
NOTE: strictly speaking this is no lighttpd issue, but lighttpd adds a workaround
- curl 7.24.0-1
@@ -18447,7 +18446,6 @@
- chromium-browser <undetermined>
- webkit <undetermined>
CVE-2011-2830 (Google V8, as used in Google Chrome before 14.0.835.163, does not ...)
- - webkit <unfixed> (bug #656057)
NOTE: CVE description is wrong, see #656057
CVE-2011-2829 (Integer overflow in Google Chrome before 13.0.782.215 on 32-bit ...)
- chromium-browser 13.0.782.215~r97094-1
@@ -21448,7 +21446,6 @@
CVE-2011-1775 (The CSecurityTLS::processMsg function in common/rfb/CSecurityTLS.cxx ...)
NOT-FOR-US: TigerVNC
CVE-2011-1774 (WebKit in Apple Safari before 5.0.6 has improper libxslt security ...)
- - webkit <unfixed>
NOTE: CVE-2011-1774 is about webkit's interface to xmlsec, CVE-2011-1425 is the actual issue
NOTE: http://www.openwall.com/lists/oss-security/2011/05/09/4
CVE-2011-1773
@@ -22882,7 +22879,6 @@
{DSA-2192-1}
- chromium-browser 10.0.648.133~r77742-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- - webkit <unfixed>
NOTE: needs port
NOTE: http://trac.webkit.org/changeset/80787
CVE-2011-1289
@@ -23063,14 +23059,12 @@
CVE-2011-1204 (Google Chrome before 10.0.648.127 does not properly handle attributes, ...)
- chromium-browser 10.0.648.127~r76697-1
[squeeze] - chromium-browser <no-dsa> (hard merge)
- - webkit <unfixed> (low)
NOTE: http://trac.webkit.org/changeset/79810
NOTE: very hard to merge: needs introduction of ScopedEventQueue.cpp
CVE-2011-1203 (Google Chrome before 10.0.648.127 does not properly handle SVG ...)
{DSA-2189-1}
- chromium-browser 10.0.648.127~r76697-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- - webkit <unfixed>
NOTE: http://trac.webkit.org/changeset/79476
CVE-2011-1202 (The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 ...)
- libxslt 1.1.26-7 (low; bug #617413)
@@ -23150,13 +23144,11 @@
{DSA-2189-1}
- chromium-browser 10.0.648.127~r76697-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- - webkit <unfixed>
NOTE: http://trac.webkit.org/changeset/77563
CVE-2011-1189 (Google Chrome before 10.0.648.127 does not properly perform box ...)
{DSA-2189-1}
- chromium-browser 10.0.648.127~r76697-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- - webkit <unfixed>
NOTE: http://trac.webkit.org/changeset/79689
CVE-2011-1188 (Google Chrome before 10.0.648.127 does not properly handle counter ...)
{DSA-2189-1}
@@ -23184,7 +23176,6 @@
CVE-2011-1185 (Google Chrome before 10.0.648.127 does not prevent (1) navigation and ...)
- chromium-browser 10.0.648.127~r76697-1
[squeeze] - chromium-browser <no-dsa> (minor issue)
- - webkit <unfixed>
NOTE: http://trac.webkit.org/changeset/74853
CVE-2011-1184 (The HTTP Digest Access Authentication implementation in Apache Tomcat ...)
{DSA-2401-1}
@@ -23395,7 +23386,6 @@
{DSA-2189-1}
- chromium-browser 9.0.597.107~r75357-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- - webkit <unfixed>
NOTE: needs port (s/logicalBottom/bottom)
NOTE: http://trac.webkit.org/changeset/77565
CVE-2011-1120 (The WebGL implementation in Google Chrome before 9.0.597.107 allows ...)
@@ -23414,25 +23404,21 @@
- chromium-browser 9.0.597.107~r75357-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- - webkit <unfixed>
NOTE: http://trac.webkit.org/changeset/77144
CVE-2011-1117 (Google Chrome before 9.0.597.107 does not properly handle XHTML ...)
- chromium-browser 9.0.597.107~r75357-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- - webkit <unfixed>
NOTE: http://trac.webkit.org/changeset/77262
CVE-2011-1116 (Google Chrome before 9.0.597.107 does not properly handle SVG ...)
- chromium-browser 9.0.597.107~r75357-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- - webkit <unfixed>
NOTE: http://trac.webkit.org/changeset/77548
CVE-2011-1115 (Google Chrome before 9.0.597.107 does not properly render tables, ...)
{DSA-2189-1}
- chromium-browser 9.0.597.107~r75357-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- - webkit <unfixed>
NOTE: http://trac.webkit.org/changeset/76915
CVE-2011-1114 (Google Chrome before 9.0.597.107 does not properly handle tables, ...)
{DSA-2189-1}
@@ -23454,7 +23440,6 @@
- chromium-browser 9.0.597.107~r75357-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser <not-affected>
- - webkit <unfixed>
NOTE: needs port (s/FormAssociatedElement/HTMLFormElement)
NOTE: http://trac.webkit.org/changeset/77114
CVE-2011-1110 (Google Chrome before 9.0.597.107 does not properly implement key frame ...)
@@ -23467,7 +23452,6 @@
{DSA-2189-1}
- chromium-browser 9.0.597.107~r75357-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- - webkit <unfixed>
NOTE: http://trac.webkit.org/changeset/76728
CVE-2011-1108 (Google Chrome before 9.0.597.107 does not properly implement ...)
{DSA-2189-1}
@@ -23782,6 +23766,7 @@
CVE-2011-1015 (The is_cgi method in CGIHTTPServer.py in the CGIHTTPServer module in ...)
- python2.6 <unfixed> (low; bug #614860)
[squeeze] - python2.6 <no-dsa> (Minor issue, fix modifies behaviour, too intrusive to backport)
+ [wheezy] - python2.6 <no-dsa> (Minor issue, fix modifies behaviour, too intrusive to backport)
- python2.5 <unfixed> (low)
[squeeze] - python2.5 <no-dsa> (Minor issue, fix modifies behaviour, too intrusive to backport)
[lenny] - python2.5 <no-dsa> (Minor issue, fix modifies behaviour, too intrusive to backport)
@@ -23962,13 +23947,11 @@
- chromium-browser 9.0.597.98~r74359-1
[squeeze] - chromium-browser <not-affected>
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- - webkit <unfixed>
NOTE: http://trac.webkit.org/changeset/76990
CVE-2011-0981 (Google Chrome before 9.0.597.94 does not properly perform event ...)
{DSA-2166-1}
- chromium-browser 9.0.597.98~r74359-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- - webkit <unfixed>
NOTE: http://trac.webkit.org/changeset/76708
CVE-2011-0980 (Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, ...)
NOT-FOR-US: Microsoft Office Excel 2003
@@ -24446,7 +24429,6 @@
{DSA-2166-1}
- chromium-browser 9.0.597.84~r72991-1
[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4
- - webkit <unfixed>
NOTE: http://trac.webkit.org/changeset/72230
CVE-2011-0776 (The sandbox implementation in Google Chrome before 9.0.597.84 on Mac ...)
- chromium-browser <not-affected> (mac only)
@@ -25300,7 +25282,6 @@
- webkit <not-affected> (chromium specific)
CVE-2011-0478 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
- chromium-browser 6.0.472.63~r59945-5
- - webkit <unfixed>
NOTE: http://trac.webkit.org/changeset/74636
CVE-2011-0477 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
- chromium-browser 6.0.472.63~r59945-5
@@ -25317,7 +25298,6 @@
NOTE: http://trac.webkit.org/changeset/74574
CVE-2011-0473 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
- chromium-browser 6.0.472.63~r59945-5
- - webkit <unfixed>
NOTE: http://trac.webkit.org/changeset/73927
NOTE: http://trac.webkit.org/changeset/73937
CVE-2011-0472 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
@@ -25325,7 +25305,6 @@
- webkit <not-affected> (Chrome PDF plugin)
CVE-2011-0471 (The node-iteration implementation in Google Chrome before 8.0.552.237 ...)
- chromium-browser 6.0.472.63~r59945-5
- - webkit <unfixed>
NOTE: http://trac.webkit.org/changeset/73559
NOTE: http://trac.webkit.org/changeset/73620
CVE-2011-0470 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...)
@@ -28069,7 +28048,6 @@
- chromium-browser 6.0.472.63~r59945-2
NOTE: http://trac.webkit.org/changeset/70652
CVE-2010-4205 (Google Chrome before 7.0.517.44 does not properly handle the data ...)
- - webkit <unfixed>
- chromium-browser 6.0.472.63~r59945-2
NOTE: https://bugs.webkit.org/show_bug.cgi?id=48159
NOTE: http://trac.webkit.org/changeset/70550
@@ -32601,11 +32579,13 @@
CVE-2010-2576 (Opera before 10.61 does not properly suppress clicks on download ...)
NOT-FOR-US: Opera
CVE-2010-2575 (Heap-based buffer overflow in the RLE decompression functionality in ...)
- - okular <removed> (low)
+ - okular 4:4.4.5-2
[lenny] - okular 0.7-2+lenny1
- kdegraphics 4:4.4.5-2
[lenny] - kdegraphics <not-affected> (Lenny's kdegraphics doesn't yet contain Okular)
NOTE: http://www.kde.org/info/security/advisory-20100825-1.txt
+ NOTE: Okular was initially a single source package (lenny days), then it was merged into
+ NOTE: kdegraphics (squeeze days) and later split off again (wheezy)
CVE-2010-2574 (Cross-site scripting (XSS) vulnerability in manage_proj_cat_add.php in ...)
- mantis 1.1.8+dfsg-6 (low; bug #595510)
[lenny] - mantis 1.1.6+dfsg-2lenny2
@@ -42990,7 +42970,6 @@
- xpdf 3.02-2 (medium; bug #551287)
- poppler 0.12.2-1 (medium; bug #551289)
- kdegraphics 4:4.0 (medium; bug #551290)
- - swftools <removed> (medium; bug #551291)
- swftools 0.9.2+ds1-2
CVE-2009-3591 (Dopewars 1.5.12 allows remote attackers to cause a denial of service ...)
- dopewars 1.5.12-9 (low; bug #550913)
More information about the Secure-testing-commits
mailing list