[Secure-testing-commits] r25142 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Jan 10 06:11:19 UTC 2014


Author: carnil
Date: 2014-01-10 06:11:19 +0000 (Fri, 10 Jan 2014)
New Revision: 25142

Modified:
   data/CVE/list
Log:
Update CVE information for graphviz

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-01-10 05:34:40 UTC (rev 25141)
+++ data/CVE/list	2014-01-10 06:11:19 UTC (rev 25142)
@@ -6,9 +6,13 @@
 	NOT-FOR-US: Drupal 7 Entity module
 CVE-2014-1236 [buffer overflow]
 	- graphviz <unfixed> (bug #734745)
+	NOTE: fix: https://github.com/ellson/graphviz/commit/1d1bdec6318746f6f19f245db589eddc887ae8ff
 CVE-2014-1235
 	- graphviz <unfixed> (bug #734745)
+	[wheezy] - graphviz <not-affected> (CVE for additional buffer overflow introduced by 7aaddf52cd98589fb0c3ab72a393f8411838438a)
+	[squeeze] - graphviz <not-affected> (CVE for additional buffer overflow introduced by 7aaddf52cd98589fb0c3ab72a393f8411838438a)
 	NOTE: CVE is for buffer overflow introduced by applying only 7aaddf52cd98589fb0c3ab72a393f8411838438a
+	NOTE: fix: https://github.com/ellson/graphviz/commit/d266bb2b4154d11c27252b56d86963aef4434750
 CVE-2014-1234
 	NOT-FOR-US: Paratrooper Newrelic Ruby Gem
 CVE-2014-1233
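Review bot: The reason text on the added `[wheezy]` and `[squeeze]` lines for CVE-2014-1235 restates what the CVE covers, which the existing NOTE directly below already says, instead of stating why those releases are unaffected. If the reason is that neither release carries 7aaddf52cd98589fb0c3ab72a393f8411838438a, say that directly, for example "(vulnerable code not present, 7aaddf52 not applied)", so the status can be re-checked if that commit is later backported. The two new `NOTE: fix:` lines also use a prefix the neighbouring notes do not (a bare URL or `see:`); pick one form for fix-commit references.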
@@ -21,9 +25,9 @@
 	NOTE: https://bugzilla.novell.com/show_bug.cgi?id=857303
 	[wheezy] - lightdm-gtk-greeter <not-affected> (in Wheezy, lightdm restarts when the greeter crashes, so there's no DoS)
 CVE-2014-0978 [stack-based buffer overflow in yyerror()]
-	- graphviz <unfixed> (bug #734745)
+	- graphviz 2.26.3-16 (bug #734745)
 	NOTE: https://github.com/ellson/graphviz/commit/7aaddf52cd98589fb0c3ab72a393f8411838438a
-	NOTE: additional commit required: https://github.com/ellson/graphviz/commit/d266bb2b4154d11c27252b56d86963aef4434750
+	NOTE: additional commit required (new CVE-2014-1235): https://github.com/ellson/graphviz/commit/d266bb2b4154d11c27252b56d86963aef4434750
 	NOTE: see: https://bugzilla.redhat.com/show_bug.cgi?id=1049165#c6
 CVE-2014-0977 [XSS]
 	- movabletype-opensource 5.2.9+dfsg-1 (bug #734304)
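Review bot: On the CVE-2014-0978 entry, the `- graphviz 2.26.3-16` line now records a fixed version while the NOTE two lines below still reads "additional commit required", which suggests the fix in 2.26.3-16 is incomplete for this CVE. Since the follow-up is tracked separately as CVE-2014-1235 (left `<unfixed>` in the first hunk), reword the note to say so, for example "follow-up fix tracked as CVE-2014-1235", so that a reader of this entry alone does not conclude that 2.26.3-16 is either fully safe or still open for CVE-2014-0978.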



