[Secure-testing-commits] r20228 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Tue Sep 25 13:13:40 UTC 2012
Author: jmm
Date: 2012-09-25 13:13:40 +0000 (Tue, 25 Sep 2012)
New Revision: 20228
Modified:
data/CVE/list
Log:
jenkins fixed/not-affected
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-09-25 12:33:00 UTC (rev 20227)
+++ data/CVE/list 2012-09-25 13:13:40 UTC (rev 20228)
@@ -1837,19 +1837,19 @@
NOTE: CVE-request http://www.openwall.com/lists/oss-security/2012/09/20/7
CVE-2012-4441 [jenkins XSS in CI game plugin]
RESERVED
- - jenkins <unfixed> (bug #688298)
+ - jenkins <not-affected> (Plugin not built in Debian source package)
NOTE: http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb
CVE-2012-4440 [jenkins XSS in Violations plugin]
RESERVED
- - jenkins <unfixed> (bug #688298)
+ - jenkins <not-affected> (Plugin not built in Debian source package)
NOTE: http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb
CVE-2012-4439 [jenkins XSS]
RESERVED
- - jenkins <unfixed> (bug #688298)
+ - jenkins 1.447.2+dfsg-2 (bug #688298)
NOTE: http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb
CVE-2012-4438 [jenkins remote code execution]
RESERVED
- - jenkins <unfixed> (bug #688298)
+ - jenkins 1.447.2+dfsg-2 (bug #688298)
NOTE: http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb
CVE-2012-4437 [Smarty / php-Smarty: XSS in Smarty exception messages]
RESERVED
@@ -9584,9 +9584,11 @@
CVE-2012-1200 (Multiple PHP remote file inclusion vulnerabilities in Nova CMS allow ...)
NOT-FOR-US: Nova CMS
CVE-2012-1199 (Multiple PHP remote file inclusion vulnerabilities in Basic Analysis ...)
- - acidbase <unfixed>
+ - acidbase <unfixed> (low)
+ [squeeze] - acidbase <no-dsa> (Minor issue)
CVE-2012-1198 (base_ag_main.php in Basic Analysis and Security Engine (BASE) 1.4.5 ...)
- - acidbase <unfixed> (bug #661020)
+ - acidbase <unfixed> (low; bug #661020)
+ [squeeze] - acidbase <no-dsa> (Minor issue)
CVE-2012-1197 (Integer overflow in the IDE_ACDStd.apl module for ACDSee 14.1 Build ...)
NOT-FOR-US: ACDSee
CVE-2012-1196 (Directory traversal vulnerability in the VulCore web service ...)
@@ -10110,7 +10112,8 @@
CVE-2012-1018 (Cross-site scripting (XSS) vulnerability in includes/convert.php in ...)
NOT-FOR-US: Joomla addon
CVE-2012-1017 (Multiple SQL injection vulnerabilities in base_qry_main.php in Basic ...)
- - acidbase <unfixed> (bug #659287)
+ - acidbase <unfixed> (low; bug #659287)
+ [squeeze] - acidbase <no-dsa> (Minor issue)
CVE-2012-1016
RESERVED
CVE-2012-1015 (The kdc_handle_protected_negotiation function in the Key Distribution ...)
More information about the Secure-testing-commits
mailing list