Moritz Muehlenhoff
2012-May-12 07:16 UTC
[Secure-testing-commits] r19225 - in data: CVE DSA
Author: jmm
Date: 2012-05-12 07:16:46 +0000 (Sat, 12 May 2012)
New Revision: 19225
Modified:
data/CVE/list
data/DSA/list
Log:
mahara, typo3, pam-shield CVEfied
Modified: data/CVE/list
==================================================================---
data/CVE/list 2012-05-11 21:14:23 UTC (rev 19224)
+++ data/CVE/list 2012-05-12 07:16:46 UTC (rev 19225)
@@ -516,27 +516,33 @@
RESERVED
CVE-2010-5105
RESERVED
-CVE-2010-5104
+CVE-2010-5104 [TYPO3-SA-2010-022]
RESERVED
-CVE-2010-5103
+ - typo3-src 4.3.9+dfsg1-1 (bug #607286)
+CVE-2010-5103 [TYPO3-SA-2010-022]
RESERVED
-CVE-2010-5102
+ - typo3-src 4.3.9+dfsg1-1 (bug #607286)
+CVE-2010-5102 [TYPO3-SA-2010-022]
RESERVED
-CVE-2010-5101
+ - typo3-src 4.3.9+dfsg1-1 (bug #607286)
+CVE-2010-5101 [TYPO3-SA-2010-022]
RESERVED
-CVE-2010-5100
+ - typo3-src 4.3.9+dfsg1-1 (bug #607286)
+CVE-2010-5100 [TYPO3-SA-2010-022]
RESERVED
-CVE-2010-5099
+ - typo3-src 4.3.9+dfsg1-1 (bug #607286)
+CVE-2010-5099 [TYPO3-SA-2010-022]
RESERVED
-CVE-2010-5098
+ - typo3-src 4.3.9+dfsg1-1 (bug #607286)
+CVE-2010-5098 [TYPO3-SA-2010-022]
RESERVED
-CVE-2010-5097
+ - typo3-src 4.3.9+dfsg1-1 (bug #607286)
+CVE-2010-5097 [TYPO3-SA-2010-022]
RESERVED
+ - typo3-src 4.3.9+dfsg1-1 (bug #607286)
CVE-2010-5096 [MyBB multiple SQL injection vulnerabilities]
RESERVED
NOT-FOR-US: MyBB
- NOTE: http://osvdb.org/show/osvdb/70013
- NOTE: http://yehg.net/lab/pr0js/advisories/%5Bmybb1.6%5D_sql_injection
CVE-2010-5095 [SilverStripe escaping exploit]
RESERVED
- silverstripe <itp> (bug #528461)
@@ -676,10 +682,12 @@
RESERVED
CVE-2012-2352
RESERVED
-CVE-2012-2351
+CVE-2012-2351 [mahara SAML impersonation issue]
RESERVED
-CVE-2012-2350
+ - mahara 1.4.2-1
+CVE-2012-2350 [pam_shield default configuration does not take any action]
RESERVED
+ - pam-shield <unfixed> (medium; bug #658830)
CVE-2012-2349
RESERVED
CVE-2012-2348
@@ -1709,8 +1717,6 @@
RESERVED
CVE-2012-1937
RESERVED
-CVE-2012-XXXX [mahara SAML impersonation issue]
- - mahara 1.4.2-1
CVE-2012-1936 (** DISPUTED ** The wp_create_nonce function in ...)
NOT-FOR-US: Disputed Wordpress issue
CVE-2012-1935
@@ -3919,8 +3925,6 @@
NOT-FOR-US: Sphinx Software Mobile Web Server
CVE-2012-1004 (Multiple cross-site scripting (XSS) vulnerabilities in
UI/Register.pm ...)
NOT-FOR-US: Foswiki
-CVE-2010-XXXX [pam_shield default configuration does not take any action]
- - pam-shield <unfixed> (medium; bug #658830)
CVE-2012-1003 (Multiple integer overflows in Opera 11.60 and earlier allow
remote ...)
NOT-FOR-US: Opera
CVE-2002-2483
@@ -21848,10 +21852,6 @@
NOT-FOR-US: IBM Lotus Notes Traveler
CVE-2009-5032 (The encrypted e-mail feature in IBM Lotus Notes Traveler before
...)
NOT-FOR-US: IBM Lotus Notes Traveler
-CVE-2010-XXXX [TYPO3-SA-2010-022]
- - typo3-src 4.3.9+dfsg1-1 (bug #607286)
- NOTE: CVE ID requested http://seclists.org/oss-sec/2011/q1/76
- NOTE: CVE ID second request http://seclists.org/oss-sec/2012/q2/295
CVE-2011-0045 (The Trace Events functionality in the kernel in Microsoft
Windows XP ...)
NOT-FOR-US: Microsoft Windows
CVE-2011-0044
Modified: data/DSA/list
==================================================================---
data/DSA/list 2012-05-11 21:14:23 UTC (rev 19224)
+++ data/DSA/list 2012-05-12 07:16:46 UTC (rev 19225)
@@ -8,6 +8,7 @@
{CVE-2012-0213}
[squeeze] - libjakarta-poi-java 3.6+dfsg-1+squeeze1
[09 May 2012] DSA-2467-1 mahara - insecure defaults
+ {CVE-2012-2351}
[squeeze] - mahara 1.2.6-2+squeeze4
[09 May 2012] DSA-2466-1 rails - cross site scripting
{CVE-2012-1099}