Author: jmm
Date: 2012-06-14 09:13:07 +0000 (Thu, 14 Jun 2012)
New Revision: 19481
Modified:
data/CVE/list
Log:
nova fixed
busybox fixed
one kernel issue not affected
new openconnect issue (fixed in sid)
new mediawiki issue
Modified: data/CVE/list
==================================================================---
data/CVE/list 2012-06-13 21:14:52 UTC (rev 19480)
+++ data/CVE/list 2012-06-14 09:13:07 UTC (rev 19481)
@@ -1,3 +1,5 @@
+CVE-2012-XXXX [mediawiki uselang XSS]
+ - mediawiki <unfixed>
CVE-2012-3346
RESERVED
CVE-2012-3345
@@ -111,7 +113,7 @@
CVE-2012-3292 (The GridFTP in Globus Toolkit (GT) before 5.2.2, when certain
autoconf ...)
TODO: check
CVE-2012-3291 (Heap-based buffer overflow in OpenConnect 3.18 allows remote
servers ...)
- TODO: check
+ - openconnect 3.18-1
CVE-2012-3290 (Multiple unspecified vulnerabilities in Google Chrome before
...)
TODO: check
CVE-2012-3289
@@ -1453,7 +1455,7 @@
- postgresql-8.4 8.4.12-1
CVE-2012-2654
RESERVED
- - nova <unfixed> (bug #676465)
+ - nova 2012.1-6 (bug #676465)
CVE-2012-2653
RESERVED
{DSA-2481-1}
@@ -2886,6 +2888,7 @@
CVE-2012-2119
RESERVED
- linux 3.2.20-1
+ [squeeze] - linux-2.6 <not-affected> (Vulnerable code not present, was
added in 3.1)
CVE-2012-2118 (Format string vulnerability in the LogVHdrMessageVerb function
in ...)
- xorg-server 2:1.12.1.902-1 (bug #673148)
[squeeze] - xorg-server <not-affected> (Introduced in 1.10)
@@ -15279,9 +15282,7 @@
NOT-FOR-US: udhcp6c
CVE-2011-2716
RESERVED
- - busybox <unfixed> (unimportant; bug #635548)
- [lenny] - busybox <no-dsa> (Minor issue)
- [squeeze] - busybox <no-dsa> (Minor issue)
+ - busybox 1:1.20.0-3 (unimportant; bug #635548)
NOTE: the default action script of busybox is not vulnerable to this attack
NOTE: fixed in 1.20 (experimental). default script in udeb may be vulnerable.
CVE-2011-2715