[Secure-testing-commits] r20164 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Fri Sep 14 20:28:18 UTC 2012


Author: jmm
Date: 2012-09-14 20:28:18 +0000 (Fri, 14 Sep 2012)
New Revision: 20164

Modified:
   data/CVE/list
Log:
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-09-14 20:21:47 UTC (rev 20163)
+++ data/CVE/list	2012-09-14 20:28:18 UTC (rev 20164)
@@ -3028,33 +3028,33 @@
 CVE-2012-3713
 	RESERVED
 CVE-2012-3712 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2012-3711 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2012-3710 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2012-3709 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2012-3708 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2012-3707 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2012-3706 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2012-3705 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2012-3704 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2012-3703 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2012-3702 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2012-3701 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2012-3700 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2012-3699 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2012-3698 (Apple Xcode before 4.4 does not properly compose a designated ...)
 	NOT-FOR-US: Apple Xcode
 CVE-2012-3697 (WebKit in Apple Safari before 6.0 does not properly handle file: URLs, ...)
@@ -3068,7 +3068,7 @@
 CVE-2012-3693 (Incomplete blacklist vulnerability in WebKit in Apple Safari before ...)
 	- webkit <undetermined>
 CVE-2012-3692 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2012-3691 (WebKit in Apple Safari before 6.0 does not properly handle Cascading ...)
 	- webkit <undetermined>
 CVE-2012-3690 (WebKit in Apple Safari before 6.0 does not properly handle ...)
@@ -3076,15 +3076,15 @@
 CVE-2012-3689 (WebKit in Apple Safari before 6.0 does not properly handle ...)
 	- webkit <undetermined>
 CVE-2012-3688 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2012-3687 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2012-3686 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
 	- webkit <undetermined>
 CVE-2012-3685 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2012-3684 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2012-3683 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
 	- webkit <undetermined>
 CVE-2012-3682 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
@@ -3098,19 +3098,19 @@
 CVE-2012-3678 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
 	- webkit <undetermined>
 CVE-2012-3677 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2012-3676 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2012-3675 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2012-3674 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
 	- webkit <undetermined>
 CVE-2012-3673 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2012-3672 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2012-3671 (WebKit, as used in Apple iTunes before 10.7, allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Apple iTunes / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2012-3670 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
 	- webkit <undetermined>
 CVE-2012-3669 (WebKit, as used in Apple Safari before 6.0, allows remote attackers to ...)
@@ -11837,7 +11837,7 @@
 	NOT-FOR-US: Geeklog
 CVE-2011-4941
 	RESERVED
-	NOT-FOR-US: piwik
+	- piwik <itp> (bug #506933)
 CVE-2011-4940 (The list_directory function in Lib/SimpleHTTPServer.py in ...)
 	- python2.7 2.7.2-8 (unimportant)
 	- python2.6 <unfixed> (unimportant; bug #664135)
@@ -12302,7 +12302,7 @@
 CVE-2011-4839
 	RESERVED
 CVE-2011-4838 (JRuby before 1.6.5.1 computes hash values without restricting the ...)
-	- jruby <unfixed> (bug #686867)
+	- jruby <unfixed> (low; bug #686867)
 	[squeeze] - jruby <no-dsa> (Non-free not supported)
 CVE-2012-0220 (Multiple cross-site scripting (XSS) vulnerabilities in the meta plugin ...)
 	{DSA-2474-1}
@@ -25302,11 +25302,11 @@
 	[lenny] - pam <no-dsa> (Minor issue, too invasive for a stable release)
 	[squeeze] - pam <no-dsa> (Minor issue, too invasive for a stable release)
 CVE-2010-4707 (The check_acl function in pam_xauth.c in the pam_xauth module in ...)
-	- pam 1.1.3-1 (low; bug #611136)
+	- pam 1.1.3-1 (low)
 	[lenny] - pam <no-dsa> (Minor issue)
 	[squeeze] - pam <no-dsa> (Minor issue)
 CVE-2010-4706 (The pam_sm_close_session function in pam_xauth.c in the pam_xauth ...)
-	- pam 1.1.3-1 (low; bug #611136)
+	- pam 1.1.3-1 (low)
 	[lenny] - pam <no-dsa> (Minor issue)
 	[squeeze] - pam <no-dsa> (Minor issue)
 CVE-2010-4705 (Integer overflow in the vorbis_residue_decode_internal function in ...)




More information about the Secure-testing-commits mailing list