[Secure-testing-commits] r22675 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Tue Jun 18 19:59:20 UTC 2013
Author: jmm
Date: 2013-06-18 19:59:20 +0000 (Tue, 18 Jun 2013)
New Revision: 22675
Modified:
data/CVE/list
Log:
zabbix/no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-06-18 19:55:03 UTC (rev 22674)
+++ data/CVE/list 2013-06-18 19:59:20 UTC (rev 22675)
@@ -7992,6 +7992,7 @@
CVE-2013-1364 [possible to override LDAP configuration parameters via the API]
RESERVED
- zabbix 1:2.0.4+dfsg-2 (bug #698541)
+ [squeeze] - zabbix <no-dsa> (Will be handled through point update)
NOTE: patches in https://support.zabbix.com/browse/ZBX-6097
CVE-2013-1363
RESERVED
@@ -12233,6 +12234,7 @@
CVE-2012-6086 [zabbix insecure curl usage]
RESERVED
- zabbix <unfixed> (bug #697443)
+ [squeeze] - zabbix <no-dsa> (Will be handled through point update)
NOTE: https://support.zabbix.com/browse/ZBX-5924
CVE-2012-6085 (The read_block function in g10/import.c in GnuPG 1.4.x before 1.4.13 ...)
{DSA-2601-1}
@@ -27812,6 +27814,7 @@
NOT-FOR-US: Novell Sentinel Log Manager
CVE-2011-5027 (Cross-site scripting (XSS) vulnerability in ZABBIX before 1.8.10 ...)
- zabbix 1:1.8.10-1 (bug #652664)
+ [squeeze] - zabbix <no-dsa> (Will be handled through point update)
CVE-2011-5026 (Cross-site scripting (XSS) vulnerability in the addPost function in ...)
NOT-FOR-US: Winn Guestbook
CVE-2011-5025 (Multiple cross-site scripting (XSS) vulnerabilities in the wiki ...)
@@ -29374,7 +29377,8 @@
NOTE: Nearly a duplicate of CVE-2011-1932.
NOTE: CVE's SPLIT decision is unclear.
CVE-2011-4674 (SQL injection vulnerability in popup.php in Zabbix 1.8.3 and 1.8.4, ...)
- - zabbix 1:1.8.9-1 (high; bug #651225)
+ - zabbix 1:1.8.9-1 (bug #651225)
+ [squeeze] - zabbix <no-dsa> (Will be handled through point update)
CVE-2011-4673 (SQL injection vulnerability in modules/sharedaddy.php in the Jetpack ...)
NOT-FOR-US: Jetpack plugin for Wordpress
CVE-2011-4672 (Multiple SQL injection vulnerabilities in Valid tiny-erp 1.6 and ...)
@@ -29522,6 +29526,7 @@
[squeeze] - libhtml-template-pro-perl 0.9502-1+squeeze1
CVE-2011-4615 (Multiple cross-site scripting (XSS) vulnerabilities in Zabbix before ...)
- zabbix 1:1.8.10-1 (bug #652664)
+ [squeeze] - zabbix <no-dsa> (Will be handled through point update)
CVE-2011-4614 (PHP remote file inclusion vulnerability in ...)
- typo3-src 4.5.9+dfsg1-1 (bug #652365)
[squeeze] - typo3-src <not-affected> (Only affects 4.5 onwards)
@@ -33652,11 +33657,13 @@
NOT-FOR-US: Wordpress plugin
CVE-2011-3265 (popup.php in Zabbix before 1.8.7 allows remote attackers to read the ...)
- zabbix 1:1.8.9-1
+ [squeeze] - zabbix <no-dsa> (Will be handled through point update)
CVE-2011-3264 (Zabbix before 1.8.6 allows remote attackers to obtain sensitive ...)
- zabbix 1:1.8.6-1 (unimportant)
NOTE: Installation path is known anyway for the Debian package
CVE-2011-3263 (zabbix_agentd in Zabbix before 1.8.6 and 1.9.x before 1.9.4 allows ...)
- zabbix 1:1.8.6-1
+ [squeeze] - zabbix <no-dsa> (Will be handled through point update)
CVE-2011-3262 (tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 ...)
{DSA-2337-1}
- xen 4.1.1-1
@@ -34820,6 +34827,7 @@
[lenny] - linux-2.6 <not-affected> (perf not yet present)
CVE-2011-2904 (Cross-site scripting (XSS) vulnerability in acknow.php in Zabbix ...)
- zabbix 1:1.8.6-1
+ [squeeze] - zabbix <no-dsa> (Will be handled through point update)
CVE-2011-2903 (Heap-based buffer overflow in tcptrack before 1.4.2 might allow ...)
- tcptrack 1.4.2-1 (unimportant; bug #551092)
NOTE: https://bugs.gentoo.org/show_bug.cgi?id=377917
More information about the Secure-testing-commits
mailing list