[Secure-testing-commits] r20797 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Thu Jan 3 08:02:32 UTC 2013
Author: jmm
Date: 2013-01-03 08:02:31 +0000 (Thu, 03 Jan 2013)
New Revision: 20797
Modified:
data/CVE/list
Log:
new moodle issue
new zabbix issue
alleged SPICE issue doesn't affect us
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-01-02 22:03:18 UTC (rev 20796)
+++ data/CVE/list 2013-01-03 08:02:31 UTC (rev 20797)
@@ -2025,10 +2025,14 @@
RESERVED
CVE-2012-6088
RESERVED
-CVE-2012-6087
+CVE-2012-6087 [moodle insecure curl usage]
RESERVED
-CVE-2012-6086
+ - moodle <unfixed>
+ NOTE: https://github.com/tpyo/amazon-s3-php-class/pull/36
+CVE-2012-6086 [zabbix insecure curl usage]
RESERVED
+ - zabbix <unfixed>
+ NOTE: https://support.zabbix.com/browse/ZBX-5924
CVE-2012-6085 [gnupg key import memory corruption]
RESERVED
- gnupg 1.4.12-7 (bug #697108)
@@ -19876,7 +19880,9 @@
NOTE: Related to CVE-2011-3368 and CVE-2011-3639 but a different issue
CVE-2011-4316
RESERVED
- NOTE: jmm> I've contacted Dave Jorm from the Red Hat security team for further details
+ NOT-FOR-US: ovirt
+ NOTE: While the Red Hat advisory refers to SPICE, this is a vulnerability in
+ NOTE: the server-side ovirt logic (contacted Red Hat for clarification)
CVE-2011-4315 (Heap-based buffer overflow in compression-pointer processing in ...)
- nginx 1.1.8-1 (low)
[squeeze] - nginx 0.7.67-3+squeeze1
More information about the Secure-testing-commits
mailing list