Author: joeyh Date: 2012-04-04 21:15:20 +0000 (Wed, 04 Apr 2012) New Revision: 18829 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-04-04 19:59:07 UTC (rev 18828) +++ data/CVE/list 2012-04-04 21:15:20 UTC (rev 18829) @@ -1,3 +1,9 @@ +CVE-2012-2055 (GitHub Enterprise before 20120304 does not properly restrict the use ...) + TODO: check +CVE-2012-2054 (Redmine before 1.3.2 does not properly restrict the use of a hash to ...) + TODO: check +CVE-2012-2053 (The sudoers file in the Linux system configuration in F5 FirePass ...) + TODO: check CVE-2012-XXXX [XSS from 5.0.4 release] - phppgadmin 5.0.4-1 [squeeze] - phppgadmin <no-dsa> (Minor issue, will be fixed through a point update) @@ -147,8 +153,8 @@ RESERVED CVE-2012-1983 RESERVED -CVE-2012-1982 - RESERVED +CVE-2012-1982 (Cross-site scripting (XSS) vulnerability in ...) + TODO: check CVE-2012-1981 RESERVED CVE-2012-1980 @@ -542,8 +548,8 @@ RESERVED CVE-2012-1791 RESERVED -CVE-2012-1777 - RESERVED +CVE-2012-1777 (SQL injection vulnerability in my.activation.php3 in F5 FirePass 6.0.0 ...) + TODO: check CVE-2012-1776 (Multiple heap-based buffer overflows in VideoLAN VLC media player ...) TODO: check CVE-2012-1775 (Stack-based buffer overflow in VideoLAN VLC media player before 2.0.1 ...) @@ -1881,6 +1887,7 @@ - systemd 44-1 (bug #664364) CVE-2012-1173 RESERVED + {DSA-2447-1} CVE-2012-1172 [PHP 5.3.x Corrupted $_FILES indices lead to security concern] RESERVED - php5 5.4.0-1 (bug #663760) 
@@ -4033,8 +4040,8 @@ NOT-FOR-US: Cisco Digital Media Manager CVE-2012-0328 (Janetter before 3.3.0.0 (aka 3.3.0) allows remote attackers to obtain ...) NOT-FOR-US: Janetter -CVE-2012-0327 - RESERVED +CVE-2012-0327 (Cross-site scripting (XSS) vulnerability in Redmine before 1.3.2 ...) + TODO: check CVE-2012-0326 (The twicca application 0.7.0 through 0.9.30 for Android does not ...) NOT-FOR-US: twicca application for Android CVE-2012-0325 (Cross-site scripting (XSS) vulnerability in CloudBees Jenkins before ...) @@ -4345,8 +4352,8 @@ NOT-FOR-US: Final Draft CVE-2011-5001 (Stack-based buffer overflow in the CGenericScheduler::AddTask function ...) NOT-FOR-US: Trend Micro Control Manager -CVE-2011-5000 - RESERVED +CVE-2011-5000 (The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and ...) + TODO: check CVE-2011-4999 RESERVED CVE-2011-4998 @@ -5172,8 +5179,8 @@ RESERVED CVE-2012-0132 RESERVED -CVE-2012-0131 - RESERVED +CVE-2012-0131 (Distributed Computing Environment (DCE) 1.8 and 1.9 on HP HP-UX ...) + TODO: check CVE-2012-0130 RESERVED CVE-2012-0129 @@ -10724,8 +10731,9 @@ - chromium-browser 17.0.963.83~r127885-1 CVE-2011-3049 (Google Chrome before 17.0.963.83 does not properly restrict the ...) - chromium-browser 17.0.963.83~r127885-1 -CVE-2011-3048 (memory corruption flaw) +CVE-2011-3048 RESERVED + {DSA-2446-1} - libpng <unfixed> (bug #667475) CVE-2011-3047 (The GPU process in Google Chrome before 17.0.963.79 allows remote ...) - chromium-browser 17.0.963.83~r127885-1
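Review bot: In the hunk at @@ -1,3 +1,9 @@, the three new entries are all left at `TODO: check`, but they do not need the same triage. CVE-2012-2054 names Redmine with the same version boundary ("before 1.3.2") as CVE-2012-0327 in the @@ -4033,8 +4040,8 @@ hunk, so the two should be resolved together with a package line. CVE-2012-2055 (GitHub Enterprise) and CVE-2012-2053 (F5 FirePass) look like NOT-FOR-US entries, in the style already used for Janetter and twicca.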
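Review bot: In the hunk at @@ -1881,6 +1887,7 @@, CVE-2012-1173 gains `{DSA-2447-1}` but the entry is still only `RESERVED`, with no package line before CVE-2012-1172 begins. Add a line naming the source package and fixed version that the DSA covers, as the adjacent entry does with `- php5 5.4.0-1 (bug #663760)`, so the cross-reference can be checked against a package.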
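Review bot: In the hunk at @@ -4345,8 +4352,8 @@, CVE-2011-5000 should not sit at `TODO: check` for long, nor inherit the NOT-FOR-US status of its neighbours. Its description names `ssh_gssapi_parse_ename` in `gss-serv.c` in OpenSSH, which Debian packages, so it needs an `openssh` package line with a fixed version or a severity assessment.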
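Review bot: In the hunk at @@ -10724,8 +10731,9 @@, CVE-2011-3048 now carries `{DSA-2446-1}` while its package line still reads `- libpng <unfixed> (bug #667475)`, and the only human-readable description, `(memory corruption flaw)`, is dropped from the header line. Confirm whether `<unfixed>` is still accurate and record the fixed version once known. While the CVE stays RESERVED, keep a short bracketed description on the header, as CVE-2012-1172 does, so the entry remains identifiable.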