[Secure-testing-commits] r22731 - data/CVE

Mon Jun 24 21:45:09 UTC 2013

Author: jmm
Date: 2013-06-24 21:45:08 +0000 (Mon, 24 Jun 2013)
New Revision: 22731

Modified:
   data/CVE/list
Log:
- no-dsa for squeeze: libxcrypt, mono, pgbouncer, tftp-hpa, python, gnugk


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2013-06-24 21:22:43 UTC (rev 22730)
+++ data/CVE/list	2013-06-24 21:45:08 UTC (rev 22731)
@@ -16788,6 +16788,7 @@
 	[squeeze] - kfreebsd-8 8.1+dfsg-8+squeeze4
 CVE-2012-4575 (The add_database function in objects.c in the pgbouncer pooler 1.5.2 ...)
 	- pgbouncer 1.5.2-4
+	[squeeze] - pgbouncer <no-dsa> (Minor issue)
 CVE-2012-4574 (Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions ...)
 	NOT-FOR-US: Red Hat CloudForms
 CVE-2012-4573 (The v1 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex ...)
@@ -19447,6 +19448,7 @@
 CVE-2012-3543
 	RESERVED
 	- mono 2.10.8.1-7 (bug #686562)
+	[squeeze] - mono <no-dsa> (Minor issue)
 CVE-2012-3542 (OpenStack Keystone, as used in OpenStack Folsom before folsom-rc1 and ...)
 	- keystone 2012.1.1-5
 CVE-2012-3541
@@ -19466,7 +19468,8 @@
 	{DSA-2629-1}
 	- openjpeg 1.3+dfsg-4.6 (bug #685970)
 CVE-2012-3534 (GNU Gatekeeper before 3.1 does not limit the number of connections to ...)
-	- gnugk 2:3.0.2-3 (bug #685969)
+	- gnugk 2:3.0.2-3 (low; bug #685969)
+	[squeeze] - gnugk <no-dsa> (Minor issue)
 CVE-2012-3533 (The python SDK before 3.1.0.6 and CLI before 3.1.0.8 for oVirt 3.1 ...)
 	NOT-FOR-US: ovirt
 CVE-2012-3532 (Cross-site request forgery (CSRF) vulnerability in the GateIn Portal ...)
@@ -23144,6 +23147,7 @@
 	[squeeze] - linux-2.6 2.6.32-46
 CVE-2012-2135 (The utf-16 decoder in Python 3.1 through 3.3 does not update the ...)
 	- python3.1 <unfixed> (bug #670389)
+	[squeeze] - python3.1 <no-dsa> (Minor issue)
 	- python3.2 3.2.3-1 (bug #670389)
 	- python3.3 3.3.1-1
 	NOTE: http://bugs.python.org/issue14579
@@ -33459,8 +33463,10 @@
 	- curl 7.24.0-1
 	NOTE: http://curl.haxx.se/docs/adv_20120124B.html
 	- python2.6 2.6.8-0.1 (bug #684511)
+	[squeeze] - python2.6 <no-dsa> (Minor issue)
 	- python2.7 2.7.3~rc1-1
 	- python3.1 <unfixed> (bug #678998)
+	[squeeze] - python3.1 <no-dsa> (Minor issue)
 	- python3.2 3.2.3~rc1-1
 	NOTE: http://bugs.python.org/issue13885
 	NOTE: python3.1 is fixed starting 3.1.5
@@ -36239,6 +36245,7 @@
 	- postgresql-9.1 9.1~rc1-1
 	- php5 5.3.6-13 (bug #631347)
 	- libxcrypt 1:2.4-1.1 (bug #679628)
+	[squeeze] - libxcrypt <no-dsa> (Minor issue)
 	NOTE: http://openwall.com/lists/oss-security/2011/06/20/2
 CVE-2011-2482 (A certain Red Hat patch to the sctp_sock_migrate function in ...)
 	- linux-2.6 <not-affected> (RHEL-specific regression)
@@ -36999,7 +37006,8 @@
 	{DSA-2266-1}
 	- php5 5.3.6-12
 CVE-2011-2199 (Buffer overflow in tftp-hpa before 5.1 allows remote attackers to ...)
-	- tftp-hpa 5.1-1
+	- tftp-hpa 5.1-1 (low)
+	[squeeze] - tftp-hpa <no-dsa> (Minor issue)
 	NOTE: http://git.kernel.org/?p=network/tftp/tftp-hpa.git;a=commitdiff;h=f3035c45bc50bb5cac87ca01e7ef6a12485184f8
 CVE-2011-2198 [vte memory exhaustion]
 	RESERVED
@@ -38874,6 +38882,7 @@
 	- otrs2 2.4.10+dfsg1-1
 CVE-2011-1521 (The urllib and urllib2 modules in Python 2.x before 2.7.2 and 3.x ...)
 	- python3.1 <removed> (bug #628453)
+	[squeeze] - python3.1 <no-dsa> (Minor issue)
 	- python3.2 3.2-3
 	- python2.7 2.7.1-7
 	- python2.6 2.6.7-1 (bug #628455)


