Secure testing commits - Apr 2012 - r18969 - data/CVE

Author: jmm
Date: 2012-04-16 15:47:58 +0000 (Mon, 16 Apr 2012)
New Revision: 18969

Modified:
   data/CVE/list
Log:
fuse no-dsa
polipo no-dsa
maradns no-dsa


Modified: data/CVE/list
==================================================================---
data/CVE/list	2012-04-16 15:47:13 UTC (rev 18968)
+++ data/CVE/list	2012-04-16 15:47:58 UTC (rev 18969)
@@ -1499,6 +1499,7 @@
 	[squeeze] - file 5.04-5+squeeze1
 CVE-2012-1570 (The resolver in MaraDNS before 1.3.0.7.15 and 1.4.x before
1.4.12 ...)
 	- maradns 1.4.12-1 (bug #665012)
+	[squeeze] - maradns <no-dsa> (Minor DNS protocol flaw)
 CVE-2012-1569 (The asn1_get_length_der function in decoding.c in GNU Libtasn1
before ...)
 	{DSA-2440-1}
 	- libtasn1-3 2.12-1 (high)
@@ -9746,6 +9747,7 @@
 CVE-2011-3596
 	RESERVED
 	- polipo <unfixed> (bug #644289)
+	[squeeze] - polipo <no-dsa> (Minor issue)
 	NOTE: http://seclists.org/fulldisclosure/2011/Oct/10
 CVE-2011-3595
 	RESERVED
@@ -18776,13 +18778,16 @@
 	RESERVED
 	- phpbb3 3.0.7-PL1-5 (bug #612477)
 CVE-2011-0543 (Certain legacy functionality in fusermount in fuse 2.8.5 and
earlier, ...)
-	- fuse 2.8.5-1 (bug #624551)
+	- fuse 2.8.5-1 (low; bug #624551)
+	[squeeze] - fuse <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-0541
 CVE-2011-0542 (fusermount in fuse 2.8.5 and earlier does not perform a chdir to
/ ...)
-	- fuse 2.8.5-1 (bug #624551)
+	- fuse 2.8.5-1 (low; bug #624551)
+	[squeeze] - fuse <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-0541
 CVE-2011-0541 (fuse 2.8.5 and earlier does not properly handle when /etc/mtab
cannot ...)
-	- fuse 2.8.5-1 (bug #624551)
+	- fuse 2.8.5-1 (low; bug #624551)
+	[squeeze] - fuse <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-0541
 CVE-2011-0540
 	RESERVED
@@ -22577,6 +22582,7 @@
 	- linux-2.6 2.6.32-30 (low)
 CVE-2010-3879 (FUSE, possibly 2.8.5 and earlier, allows local users to create
mtab ...)
 	- fuse 2.8.5-1 (bug #602333)
+	[squeeze] - fuse <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3879
 CVE-2010-3878 (Cross-site request forgery (CSRF) vulnerability in the JMX
Console in ...)
 	- jbossas4 <not-affected> (Only builds a few libraries, not the full
application server, #581226)