[Secure-testing-commits] r28731 - data/CVE

Fri Sep 12 05:22:42 UTC 2014

Author: carnil
Date: 2014-09-12 05:22:42 +0000 (Fri, 12 Sep 2014)
New Revision: 28731

Modified:
   data/CVE/list
Log:
Update information for cyassl issues which were fixed before the initial upload

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2014-09-12 04:52:35 UTC (rev 28730)
+++ data/CVE/list	2014-09-12 05:22:42 UTC (rev 28731)
@@ -31351,8 +31351,7 @@
 	{DSA-2780-1}
 	- mysql-5.1 <removed> (bug #712059)
 	- mysql-5.5 5.5.30+dfsg-1
-	- cyassl <unfixed>
-	TODO: check cyassl
+	- cyassl <not-affected> (Fixed before initial upload to archive)
 	NOTE: https://blogs.oracle.com/sunsecurity/entry/cve_2013_1492_buffer_overflow
 CVE-2013-1491 (The Java Runtime Environment (JRE) component in Oracle Java SE 7 ...)
 	- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
@@ -49932,8 +49931,7 @@
 	- apache2 <not-affected> (LD_LIBRARY_PATH not set in debian package)
 CVE-2012-0882 (Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other ...)
 	- mysql-5.5 5.5.22 (bug #675872)
-	- cyassl <unfixed>
-	TODO: check cyassl
+	- cyassl <not-affected> (Fixed before initial upload to archive)
 	NOTE: limited information about issue, only a video of exploit taking place
 CVE-2012-0881 [xerces-j2 hash table collisions CPU usage DoS]
 	RESERVED
@@ -50744,8 +50742,7 @@
 	{DSA-2780-1}
 	- mysql-5.1 <removed> (bug #712059)
 	- mysql-5.5 5.5.28+dfsg-1
-	- cyassl <unfixed>
-	TODO: check cyassl
+	- cyassl <not-affected> (Fixed before initial upload to archive)
 	NOTE: https://blogs.oracle.com/sunsecurity/entry/cve_2012_0553_buffer_overflow
 CVE-2012-0552 (Unspecified vulnerability in the Oracle Spatial component in Oracle ...)
 	NOT-FOR-US: Oracle Database Server
@@ -80592,8 +80589,7 @@
 	{DSA-1997-1}
 	- mysql-dfsg-5.0 <removed> (medium)
 	- mysql-5.1 5.1.41-4 (medium)
-	- cyassl <unfixed>
-	TODO: check cyassl
+	- cyassl <not-affected> (Fixed before initial upload to archive)
 	NOTE: http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html
 	NOTE: http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1
 CVE-2009-4483 (Unspecified vulnerability in LDAP3A.exe in MailSite 8.0.4 allows ...)
@@ -109746,14 +109742,12 @@
 	{DSA-1478-1}
 	- mysql-dfsg-4.1 <removed>
 	- mysql-dfsg-5.0 5.0.51-3 (low; bug #460873)
-	- cyassl <unfixed>
-	TODO: check cyassl
+	- cyassl <not-affected> (Fixed before initial upload to archive)
 CVE-2008-0226 (Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL ...)
 	{DSA-1478-1}
 	- mysql-dfsg-4.1 <removed>
 	- mysql-dfsg-5.0 5.0.51-3 (medium; bug #460873)
-	- cyassl <unfixed>
-	TODO: check cyassl
+	- cyassl <not-affected> (Fixed before initial upload to archive)
 CVE-2008-0225 (Heap-based buffer overflow in the rmff_dump_cont function in ...)
 	{DSA-1472-1 DTSA-109-1}
 	- xine-lib 1.1.10-1 (medium; bug #460551)
@@ -146432,8 +146426,7 @@
 	{DSA-907-1}
 	- ipmenu 0.0.3-5
 CVE-2005-3731 (Unspecified vulnerability in yaSSL before 1.0.6 has unknown impact and ...)
-	- cyassl <unfixed>
-	TODO: check cyassl
+	- cyassl <not-affected> (Fixed before initial upload to archive)
 CVE-2005-3730 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
 	NOT-FOR-US: Revize CMS
 CVE-2005-3729 (Idetix Software Systems Revize CMS allows remote attackers to obtain ...)


