[Secure-testing-commits] r20880 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Thu Jan 10 16:03:51 UTC 2013
Author: jmm
Date: 2013-01-10 16:03:51 +0000 (Thu, 10 Jan 2013)
New Revision: 20880
Modified:
data/CVE/list
Log:
new xen issue
jenkins-winstone fixed
add tracking items for chromium ffmpeg-mt issue
NFU
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-01-10 10:03:43 UTC (rev 20879)
+++ data/CVE/list 2013-01-10 16:03:51 UTC (rev 20880)
@@ -2528,7 +2528,7 @@
CVE-2012-6072 [HTTP response splitting]
RESERVED
- jenkins <unfixed> (bug #696816)
- - jenkins-winstone <unfixed> (bug #696974)
+ - jenkins-winstone 0.9.10-jenkins-37+dfsg-2 (bug #696974)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20
NOTE: http://www.openwall.com/lists/oss-security/2012/12/28/1
CVE-2012-6071 [libnusoap-php: Curl insecure usage]
@@ -3821,6 +3821,7 @@
RESERVED
CVE-2012-5647
RESERVED
+ NOT-FOR-US: OpenShift
CVE-2012-5646
RESERVED
NOT-FOR-US: OpenShift
@@ -3862,6 +3863,7 @@
RESERVED
CVE-2012-5634
RESERVED
+ - xen <unfixed> (low)
CVE-2012-5633
RESERVED
CVE-2012-5632
@@ -5072,7 +5074,8 @@
RESERVED
CVE-2012-5144 (Google Chrome before 23.0.1271.97 does not properly perform AAC ...)
- chromium-browser <unfixed>
- TODO: That might affect the internal ffmpeg copy
+ - ffmpeg <removed>
+ - libav <unfixed> (bug #694483)
CVE-2012-5143 (Integer overflow in Google Chrome before 23.0.1271.97 allows remote ...)
- chromium-browser <unfixed>
CVE-2012-5142 (Google Chrome before 23.0.1271.97 does not properly handle history ...)
More information about the Secure-testing-commits
mailing list