Author: jmm Date: 2012-01-24 15:21:28 +0000 (Tue, 24 Jan 2012) New Revision: 18270 Modified: data/CVE/list Log: tomcat hair-splitting by MITRE NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-01-24 15:09:25 UTC (rev 18269) +++ data/CVE/list 2012-01-24 15:21:28 UTC (rev 18270) @@ -436,22 +436,28 @@ CVE-2012-0698 RESERVED CVE-2011-5066 (The SibRaRecoverableSiXaResource class in the Default Messaging ...) - TODO: check + NOT-FOR-US: WebSphere CVE-2011-5065 (Cross-site scripting (XSS) vulnerability in IBM WebSphere Application ...) - TODO: check + NOT-FOR-US: WebSphere CVE-2011-5064 (DigestAuthenticator.java in the HTTP Digest Access Authentication ...) - TODO: check + - tomcat6 6.0.32-7 + - tomcat7 7.0.12 + - tomcat5.5 <removed> CVE-2011-5063 (The HTTP Digest Access Authentication implementation in Apache Tomcat ...) - TODO: check + - tomcat6 6.0.32-7 + - tomcat7 7.0.12 + - tomcat5.5 <removed> CVE-2011-5062 (The HTTP Digest Access Authentication implementation in Apache Tomcat ...) - TODO: check + - tomcat6 6.0.32-7 + - tomcat7 7.0.12 + - tomcat5.5 <removed> CVE-2011-5061 (functions.php in WHMCompleteSolution (WHMCS) 4.0.x through 5.0.x ...) - TODO: check + NOT-FOR-US: WHMCompleteSolution CVE-2011-5060 (The par_mktmpdir function in the PAR module before 1.003 for Perl ...) - libpar-perl 1.005-1 (bug #650707) [squeeze] - libpar-perl <no-dsa> (Minor issue) CVE-2010-5082 (Untrusted search path vulnerability in colorcpl.exe 6.0.6000.16386 in ...) - TODO: check + NOT-FOR-US: Windows Server CVE-2010-XXXX [webkit info disclosure/segfault] - webkit <unfixed> (low; bug #579136) - chromium <not-affected> @@ -470,7 +476,7 @@ CVE-2012-0694 RESERVED CVE-2012-0693 (submitticket.php in WHMCompleteSolution (WHMCS) 5.03 allows remote ...) - TODO: check + NOT-FOR-US: WHMCompleteSolution CVE-2012-0692 RESERVED CVE-2012-0691 @@ -1093,8 +1099,7 @@ - kdebase-workspace <undetermined> NOTE: the kcheckpass utility is not present in sid CVE-2011-5053 (The Wi-Fi Protected Setup (WPS) protocol, when the "external ...) - TODO: check - NOTE: This vulnerability affects a protocol, not a product. More information can be found at http://www.kb.cert.org/vuls/id/723755. All products listed there are not part of Debian. + NOT-FOR-US: This vulnerability affects a protocol, not a product. More information can be found at http://www.kb.cert.org/vuls/id/723755. All products listed there are not part of Debian. CVE-2011-XXXX [glib hashtable dos issues: ocert-2011-003] - glib2.0 <unfixed> (low; bug #655044) CVE-2012-0390 (The DTLS implementation in GnuTLS 3.0.10 and earlier executes certain ...) @@ -1221,7 +1226,7 @@ CVE-2012-0330 RESERVED CVE-2012-0329 (Cisco Digital Media Manager 5.2.2 and earlier, and 5.2.3, allows ...) - TODO: check + NOT-FOR-US: Cisco Digital Media Manager CVE-2012-0328 RESERVED CVE-2012-0327