[Secure-testing-commits] r20964 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Fri Jan 18 16:12:52 UTC 2013
Author: jmm
Date: 2013-01-18 16:12:51 +0000 (Fri, 18 Jan 2013)
New Revision: 20964
Modified:
data/CVE/list
Log:
new moodle issues (One one minor issue affects stable, no-dsa)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-01-18 15:06:44 UTC (rev 20963)
+++ data/CVE/list 2013-01-18 16:12:51 UTC (rev 20964)
@@ -2986,7 +2986,7 @@
- ruby-activesupport-2.3 2.3.14-5 (bug #697789)
- ruby-activesupport-3.2 3.2.6-5 (bug #697790)
- ruby-extlib 0.9.15-3 (bug #697895)
- - libextlib-ruby <unfixed> (bug #697895)
+ - libextlib-ruby <removed> (bug #697895)
NOTE: Starting with 2.3.14.1 rails is a transition package
NOTE: http://www.insinuator.net/2013/01/rails-yaml/
NOTE: http://www.openwall.com/lists/oss-security/2013/01/08/14
@@ -3557,22 +3557,39 @@
NOTE: https://issues.apache.org/jira/browse/AXIS2C-1619
CVE-2012-6106
RESERVED
+ - moodle <not-affected> (Only affects 2.4)
CVE-2012-6105
RESERVED
+ - moodle <unfixed> (low)
+ [squeeze] - moodle <not-affected> (Only affects 2.1 and above)
CVE-2012-6104
RESERVED
+ - moodle <unfixed> (low)
+ [squeeze] - moodle <not-affected> (Only affects 2.2 and above)
CVE-2012-6103
RESERVED
+ - moodle <unfixed> (low)
+ [squeeze] - moodle <not-affected> (Only affects 2.2 and above)
CVE-2012-6102
RESERVED
+ - moodle <unfixed>
+ [squeeze] - moodle <not-affected> (Only affects 2.3 and above)
CVE-2012-6101
RESERVED
+ - moodle <unfixed> (low)
+ [squeeze] - moodle <not-affected> (Only affects 2.2 and above)
CVE-2012-6100
RESERVED
+ - moodle <unfixed> (low)
+ [squeeze] - moodle <not-affected> (Only affects 2.2 and above)
CVE-2012-6099
RESERVED
+ - moodle <unfixed>
+ [squeeze] - moodle <not-affected> (Only affects 2.1 and above)
CVE-2012-6098
RESERVED
+ - moodle <unfixed> (low)
+ [squeeze] - moodle <no-dsa> (Minor issue)
CVE-2012-6097 [cronie fd leak]
RESERVED
- cronie <unfixed> (low; bug #697811)
@@ -5677,9 +5694,8 @@
- mediawiki 1:1.19.3-1 (bug #694998)
CVE-2012-5390 [Possible privilege escalation]
RESERVED
- - condor <not-affected> (bug #697936)
+ - condor <not-affected> (standard universe is disabled in the Debian package, see bug #697936)
NOTE: http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html
- NOTE: standard universe is disabled in the Debian package
CVE-2012-5389
RESERVED
CVE-2012-5388 (Cross-site scripting (XSS) vulnerability in wlcms-plugin.php in the ...)
More information about the Secure-testing-commits
mailing list