[Secure-testing-commits] r21808 - data/CVE
Salvatore Bonaccorso
carnil at alioth.debian.org
Tue Apr 2 18:54:34 UTC 2013
Author: carnil
Date: 2013-04-02 18:54:33 +0000 (Tue, 02 Apr 2013)
New Revision: 21808
Modified:
data/CVE/list
Log:
update entry for CVE-2012-2942
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-04-02 15:32:32 UTC (rev 21807)
+++ data/CVE/list 2013-04-02 18:54:33 UTC (rev 21808)
@@ -15716,7 +15716,10 @@
CVE-2012-2943 (CRLF injection vulnerability in cryptographp.inc.php in Cryptographp ...)
NOT-FOR-US: Cryptographp
CVE-2012-2942 (Buffer overflow in the trash buffer in the header capture ...)
+ - haproxy <unfixed> (bug #674447)
+ NOTE: According to upstream information this only was fixed in 1.4.21
NOTE: Reported as duplicate with CVE-2012-2391 http://seclists.org/oss-sec/2012/q2/417
+ TODO: check if closing information in #674447 is correct
CVE-2012-2941 (Cross-site scripting (XSS) vulnerability in search/ in Yandex.Server ...)
NOT-FOR-US: Yandex.Server 2010 9.0 Enterprise
CVE-2012-2940 (MediaChance Real-DRAW PRO 5.2.4 allows remote attackers to cause a ...)
More information about the Secure-testing-commits
mailing list