Author: jmm
Date: 2012-05-08 21:10:32 +0000 (Tue, 08 May 2012)
New Revision: 19177
Modified:
data/CVE/list
Log:
nodejs CVEfied
fix wicd squeeze spu upload version
new qpid-cpp issue
Modified: data/CVE/list
==================================================================---
data/CVE/list 2012-05-08 18:41:02 UTC (rev 19176)
+++ data/CVE/list 2012-05-08 21:10:32 UTC (rev 19177)
@@ -2,11 +2,6 @@
- serendipity <unfixed> (bug #671937; medium)
NOTE: http://blog.s9y.org/archives/240-Serendipity-1.6.1-released.html
NOTE: CVE id requested http://seclists.org/oss-sec/2012/q2/276
-CVE-2012-XXXX [node.js <0.6.17/0.7.8 HTTP server information disclosure]
- - nodejs 0.6.17~dfsg1-1
- NOTE:
http://blog.nodejs.org/2012/05/07/http-server-security-vulnerability-please-upgrade-to-0-6-17/
- NOTE: https://github.com/joyent/node/commit/c9a231d
- NOTE: CVE id requested http://seclists.org/oss-sec/2012/q2/274
CVE-2012-2455
RESERVED
CVE-2012-2454
@@ -364,8 +359,11 @@
RESERVED
CVE-2012-2331
RESERVED
-CVE-2012-2330
+CVE-2012-2330 [node.js <0.6.17/0.7.8 HTTP server information disclosure]
RESERVED
+ - nodejs 0.6.17~dfsg1-1
+ NOTE:
http://blog.nodejs.org/2012/05/07/http-server-security-vulnerability-please-upgrade-to-0-6-17/
+ NOTE: https://github.com/joyent/node/commit/c9a231d
CVE-2012-2329
RESERVED
CVE-2012-2328
@@ -635,7 +633,7 @@
CVE-2012-2095 [wicd command execution with root privileges]
RESERVED
- wicd 1.7.2.4-1 (low; bug #668397)
- [squeeze] - wicd 1.7.0+ds1-5+squeeze1
+ [squeeze] - wicd 1.7.0+ds1-5+squeeze2
CVE-2012-2215 (Directory traversal vulnerability in the Preboot Service in
Novell ...)
NOT-FOR-US: Novell ZENworks Configuration Management
CVE-2012-2214 [XMPP remote crash]
@@ -10435,7 +10433,7 @@
RESERVED
NOT-FOR-US: fluxbb
CVE-2011-3620 (Apache Qpid 0.12 does not properly verify credentials during the
...)
- TODO: check
+ - qpid-cpp <unfixed> (bug #672124)
CVE-2011-3619
RESERVED
- linux-2.6 3.0.0-1