[Secure-testing-commits] r20152 - data/CVE
Henri Salo
fgeek-guest at alioth.debian.org
Thu Sep 13 05:00:26 UTC 2012
Author: fgeek-guest
Date: 2012-09-13 05:00:26 +0000 (Thu, 13 Sep 2012)
New Revision: 20152
Modified:
data/CVE/list
Log:
CVE-2012-3524 libdbus issue added. needs verification
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-09-13 04:57:38 UTC (rev 20151)
+++ data/CVE/list 2012-09-13 05:00:26 UTC (rev 20152)
@@ -3381,8 +3381,12 @@
- libapache2-mod-rpaf 0.6-1 (bug #683984)
CVE-2012-3525 (s2s/out.c in jabberd2 2.2.16 and earlier does not verify that a ...)
- jabberd2 <unfixed> (bug #685666)
-CVE-2012-3524
+CVE-2012-3524 [libdbus getenv]
RESERVED
+ TODO: check
+ NOTE: http://www.openwall.com/lists/oss-security/2012/09/12/6
+ NOTE: https://bugzilla.novell.com/show_bug.cgi?id=697105
+ NOTE: http://stealth.openwall.net/null/dzug.c
CVE-2012-3523 [inn prone to STARTTLS plaintext command injection]
RESERVED
- inn <not-affected> (STARTTLS was introduced in 2.3, see bug #685581)
More information about the Secure-testing-commits
mailing list