[Secure-testing-commits] r21411 - data/CVE

Sun Feb 24 16:21:00 UTC 2013

Author: jmm
Date: 2013-02-24 16:21:00 +0000 (Sun, 24 Feb 2013)
New Revision: 21411

Modified:
   data/CVE/list
Log:
transmission issue doesn't affect stable
no-dsa for older tor issues


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2013-02-24 15:30:18 UTC (rev 21410)
+++ data/CVE/list	2013-02-24 16:21:00 UTC (rev 21411)
@@ -5753,6 +5753,7 @@
 CVE-2012-6129 [Transmission can be made to crash remotely]
 	RESERVED
 	- transmission 2.52-3+nmu1 (bug #700234)
+	[squeeze] - transmission <not-affected> (UTP code not present)
 CVE-2012-6128 [openconnect buffer overflow in processing certain headers]
 	RESERVED
 	{DSA-2623-1}
@@ -7534,7 +7535,8 @@
 CVE-2012-5574 (lib/form/sfForm.class.php in Symfony CMS before 1.4.20 allows remote ...)
 	NOT-FOR-US: Symfony
 CVE-2012-5573 (The connection_edge_process_relay_cell function in or/relay.c in Tor ...)
-	- tor 0.2.3.25-1
+	- tor 0.2.3.25-1 (low)
+	[squeeze] - tor <no-dsa> (Minor issue)
 CVE-2012-5572 [Dancer::Cookie: Cookie name CRLF injection]
 	RESERVED
 	- libdancer-perl <unfixed> (bug #694279)
@@ -12991,6 +12993,7 @@
 	- tor 0.2.3.20-rc-1 (low)
 CVE-2012-3517 (Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might ...)
 	- tor 0.2.3.20-rc-1 (low)
+	[squeeze] - tor <no-dsa> (Minor issue)
 CVE-2012-3516 (The GNTTABOP_swap_grant_ref sub-operation in the grant table hypercall ...)
 	- xen <not-affected> (Only affects >= 4.2)
 CVE-2012-3515 (Qemu, as used in Xen 4.0, 4.1 and possibly other products, when ...)
@@ -16261,10 +16264,12 @@
 	- rssh 2.3.3-6
 CVE-2012-2250
 	RESERVED
-	- tor 0.2.3.24-rc-1
+	- tor 0.2.3.24-rc-1 (low)
+	[squeeze] - tor <no-dsa> (Minor issue)
 CVE-2012-2249
 	RESERVED
-	- tor 0.2.3.23-rc-1
+	- tor 0.2.3.23-rc-1 (low)
+	[squeeze] - tor <no-dsa> (Minor issue)
 CVE-2012-2248 [build-influenced PATH set in dhclient]
 	RESERVED
 	- isc-dhcp 4.2.4-3 (bug #690532)


