[Secure-testing-commits] r22778 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Thu Jun 27 14:18:44 UTC 2013
Author: jmm
Date: 2013-06-27 14:18:43 +0000 (Thu, 27 Jun 2013)
New Revision: 22778
Modified:
data/CVE/list
Log:
no-dsa for squeeze: roundcube, redmine, yui, mantis
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-06-27 12:36:01 UTC (rev 22777)
+++ data/CVE/list 2013-06-27 14:18:43 UTC (rev 22778)
@@ -13375,14 +13375,17 @@
CVE-2012-5883 (Cross-site scripting (XSS) vulnerability in the Flash component ...)
- yui3 <not-affected>
- yui 2.9.0.dfsg.0.1-0.1 (bug #693608)
+ [squeeze] - yui <no-dsa> (Minor issue, Flash not build from source in oldstable)
- icinga-web 1.7.1+dfsg2-6 (bug #694641)
CVE-2012-5882 (Cross-site scripting (XSS) vulnerability in the Flash component ...)
- yui3 <not-affected>
- yui 2.9.0.dfsg.0.1-0.1 (bug #693608)
+ [squeeze] - yui <no-dsa> (Minor issue, Flash not build from source in oldstable)
- icinga-web 1.7.1+dfsg2-6 (bug #694641)
CVE-2012-5881 (Cross-site scripting (XSS) vulnerability in the Flash component ...)
- yui3 <not-affected>
- yui 2.9.0.dfsg.0.1-0.1 (bug #693608)
+ [squeeze] - yui <no-dsa> (Minor issue, Flash not build from source in oldstable)
- icinga-web 1.7.1+dfsg2-6 (bug #694641)
CVE-2012-5880
RESERVED
@@ -14385,9 +14388,11 @@
[squeeze] - gajim <no-dsa> (Minor issue)
CVE-2012-5523 (core/email_api.php in MantisBT before 1.2.12 does not properly manage ...)
- mantis 1.2.11-1.2 (bug #693283)
+ [squeeze] - mantis <no-dsa> (Minor issue)
NOTE: http://www.mantisbt.org/bugs/view.php?id=14704
CVE-2012-5522 (MantisBT before 1.2.12 does not use an expected default value during ...)
- mantis 1.2.11-1.2 (bug #693283)
+ [squeeze] - mantis <no-dsa> (Minor issue)
NOTE: http://www.mantisbt.org/bugs/view.php?id=14496
CVE-2012-5521
RESERVED
@@ -23641,6 +23646,7 @@
NOT-FOR-US: GitHub Enterprise
CVE-2012-2054 (Redmine before 1.3.2 does not properly restrict the use of a hash to ...)
- redmine 1.3.2+dfsg1-1
+ [squeeze] - redmine <no-dsa> (Minor issue)
CVE-2012-2053 (The sudoers file in the Linux system configuration in F5 FirePass ...)
NOT-FOR-US: F5 Firepass
CVE-2012-2052
@@ -25489,7 +25495,8 @@
CVE-2012-1254 (Cross-site scripting (XSS) vulnerability in Segue 2.2.10.2 and earlier ...)
NOT-FOR-US: Segue (CMS)
CVE-2012-1253 (Cross-site scripting (XSS) vulnerability in Roundcube Webmail before ...)
- - roundcube 0.7-1
+ - roundcube 0.7-1 (low)
+ [squeeze] - roundcube <no-dsa> (Minor issue)
CVE-2012-1252 (Cross-site scripting (XSS) vulnerability in RSSOwl before 2.1.1 allows ...)
- rssowl <itp> (bug #346541)
CVE-2012-1251 (Opera before 9.63 does not properly verify X.509 certificates from SSL ...)
@@ -27945,6 +27952,7 @@
NOT-FOR-US: Janetter
CVE-2012-0327 (Cross-site scripting (XSS) vulnerability in Redmine before 1.3.2 ...)
- redmine 1.3.2+dfsg1-1
+ [squeeze] - redmine <no-dsa> (Minor issue)
CVE-2012-0326 (The twicca application 0.7.0 through 0.9.30 for Android does not ...)
NOT-FOR-US: twicca application for Android
CVE-2012-0325 (Cross-site scripting (XSS) vulnerability in CloudBees Jenkins before ...)
@@ -35141,7 +35149,8 @@
[squeeze] - mantis <not-affected> (Only affects Mantis 1.1)
[lenny] - mantis <not-affected> (Only affects Mantis 1.1)
CVE-2011-2937 (Cross-site scripting (XSS) vulnerability in the UI messages ...)
- - roundcube 0.5.4+dfsg-1 (bug #641996)
+ - roundcube 0.5.4+dfsg-1 (low; bug #641996)
+ [squeeze] - roundcube <no-dsa> (Minor issue)
CVE-2011-2936
RESERVED
- elgg <itp> (bug #526197)
More information about the Secure-testing-commits
mailing list