[Secure-testing-commits] r21052 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Mon Jan 28 06:41:27 UTC 2013 

Author: jmm
Date: 2013-01-28 06:41:27 +0000 (Mon, 28 Jan 2013)
New Revision: 21052

Modified:
   data/CVE/list
Log:
new kernel issue
new bind issue
Jboss NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-01-27 20:44:38 UTC (rev 21051)
+++ data/CVE/list	2013-01-28 06:41:27 UTC (rev 21052)
@@ -5014,7 +5014,8 @@
 CVE-2012-5690 (RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 ...)
 	NOT-FOR-US: RealPlayer
 CVE-2012-5689 (ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain ...)
-	TODO: check
+	- bind9 <unfixed>
+	[squeeze] - bind9 <not-affected> (Only affects Bind 9.8 and 9.9)
 CVE-2012-5688 (ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 ...)
 	- bind9 1:9.8.4.dfsg.P1-1 (bug #695192)
 	[squeeze] - bind9 <not-affected> (Only affects 9.8 and 9.9)
@@ -5670,6 +5671,7 @@
 	[squeeze] - moodle <not-affected> (Doesn't affect 1.9)
 CVE-2012-5478
 	RESERVED
+	- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
 CVE-2012-5477
 	RESERVED
 CVE-2012-5476
@@ -8221,6 +8223,8 @@
 	NOT-FOR-US: Red Hat Certificate System
 CVE-2012-4542
 	RESERVED
+	- linux <unfixed>
+	- linux-2.6 <removed>
 CVE-2012-4541 (Cross-site scripting (XSS) vulnerability in Piwik before 1.9 allows ...)
 	- piwik <itp> (bug #506933)
 CVE-2012-4540 (Off-by-one error in the invoke function in ...)
@@ -11330,8 +11334,10 @@
 	NOTE: https://bugs.launchpad.net/nova/+bug/1017795
 CVE-2012-3370
 	RESERVED
+	- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
 CVE-2012-3369
 	RESERVED
+	- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
 CVE-2012-3368 (Integer signedness error in attach.c in dtach 0.8 allows remote ...)
 	- dtach 0.8-2.1 (low; bug #625302)
 	[squeeze] - dtach <no-dsa> (Minor issue)
@@ -17414,6 +17420,7 @@
 	[lenny] - systemtap <not-affected> (Vulnerable code not present)
 CVE-2012-0874
 	RESERVED
+	- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
 CVE-2012-0873 (Multiple cross-site scripting (XSS) vulnerabilities in Boonex Dolphin ...)
 	NOT-FOR-US: Boonex Dolphin
 CVE-2012-0872 (Multiple cross-site scripting (XSS) vulnerabilities in OxWall 1.1.1 ...)
@@ -20972,6 +20979,7 @@
 	- openssl 1.0.0f-1 
 CVE-2011-4575
 	RESERVED
+	NOT-FOR-US: JMX Console
 CVE-2011-4574
 	RESERVED
 CVE-2011-4573

More information about the Secure-testing-commits mailing list