Author: carnil Date: 2012-05-08 06:01:54 +0000 (Tue, 08 May 2012) New Revision: 19165 Modified: data/CVE/list Log: Add two issues for pidgin, already fixed in unstable in 2.10.4-1 Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-05-08 00:15:42 UTC (rev 19164) +++ data/CVE/list 2012-05-08 06:01:54 UTC (rev 19165) @@ -379,8 +379,11 @@ RESERVED CVE-2012-2319 RESERVED -CVE-2012-2318 +CVE-2012-2318 [Improper validation of incoming plaintext messages in MSN protocol plug-in] RESERVED + - pidgin 2.10.4-1 + [squeeze] - pidgin <unfixed> + TODO: check CVE-2012-2317 [php5 crypt() empty salt issue] RESERVED - php5 5.3.6-1 (bug #581170) @@ -624,8 +627,11 @@ [squeeze] - wicd 1.7.0+ds1-5+squeeze1 CVE-2012-2215 (Directory traversal vulnerability in the Preboot Service in Novell ...) NOT-FOR-US: Novell ZENworks Configuration Management -CVE-2012-2214 - RESERVED +CVE-2012-2214 [XMPP remote crash] + - pidgin 2.10.4-1 + [squeeze] - pidgin <unfixed> + TODO: check + NOTE: http://www.pidgin.im/news/security/?id=62 CVE-2012-2213 (** DISPUTED ** Squid 3.1.9 allows remote attackers to bypass the ...) TODO: check CVE-2012-2212 (** DISPUTED ** McAfee Web Gateway 7.0 allows remote attackers to ...)