[Secure-testing-commits] r21001 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Mon Jan 21 17:00:54 UTC 2013
Author: jmm
Date: 2013-01-21 17:00:54 +0000 (Mon, 21 Jan 2013)
New Revision: 21001
Modified:
data/CVE/list
Log:
tinymce issue doesn't affect the debian package, only some addon
moodle is affected, though (not in stable, wheezy already fixed along
with the other moodle issues)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-01-21 16:41:27 UTC (rev 21000)
+++ data/CVE/list 2013-01-21 17:00:54 UTC (rev 21001)
@@ -3567,10 +3567,14 @@
NOTE: https://bugs.php.net/bug.php?id=61413
CVE-2012-6112
RESERVED
+ - tinymce <not-affected> (TinyMCE Google spellchecker plugin)
+ - moodle <unfixed>
+ [squeeze] - moodle <not-affected> (Only affects 2.1 and above)
+ [wheezy] - moodle 2.2.3.dfsg-2.6~wheezy2
NOTE: http://www.tinymce.com/develop/changelog/?type=phpspell
NOTE: patch: https://github.com/tinymce/tinymce_spellchecker_php/commit/22910187bfb9edae90c26e10100d8145b505b974
NOTE: http://www.tinymce.com/forum/viewtopic.php?id=30036
- TODO: check (which packages might be affected? e.g. moodle and workpress include spellchecker/classes/GoogleSpell.php)
+ TODO: check (which packages might be affected?) wordpress include spellchecker/classes/GoogleSpell.php)
CVE-2012-6111 [gnome-keyring does not discard stored secrets in some cases]
RESERVED
TODO: check
More information about the Secure-testing-commits
mailing list