Author: jmm Date: 2012-06-14 10:12:56 +0000 (Thu, 14 Jun 2012) New Revision: 19483 Modified: data/CVE/list Log: openjdk updates new mantis issues mediawiki CVEfied several jboss issues don''t affect Debian Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-06-14 09:31:37 UTC (rev 19482) +++ data/CVE/list 2012-06-14 10:12:56 UTC (rev 19483) @@ -1,5 +1,3 @@ -CVE-2012-XXXX [mediawiki uselang XSS] - - mediawiki <unfixed> CVE-2012-3346 RESERVED CVE-2012-3345 @@ -1327,8 +1325,9 @@ RESERVED CVE-2012-2699 RESERVED -CVE-2012-2698 +CVE-2012-2698 [mediawiki uselang XSS] RESERVED + - mediawiki <unfixed> CVE-2012-2697 RESERVED CVE-2012-2696 @@ -1341,8 +1340,10 @@ RESERVED CVE-2012-2692 RESERVED + - mantis <unfixed> (bug #676783) CVE-2012-2691 RESERVED + - mantis <unfixed> (bug #676783) CVE-2012-2690 RESERVED CVE-2012-2689 @@ -2188,6 +2189,7 @@ NOT-FOR-US: Apache CXF CVE-2012-2377 RESERVED + - jbossas4 <not-affected> (Only builds a few libraries, not the full application server) CVE-2012-2376 (Buffer overflow in the com_print_typeinfo function in PHP 5.4.3 and ...) - php5 <not-affected> (Windows-specific vulnerability) CVE-2012-2375 (The __nfs4_get_acl_uncached function in fs/nfs/nfs4proc.c in the NFSv4 ...) @@ -2784,6 +2786,7 @@ NOTE: http://libwpd.git.sourceforge.net/git/gitweb.cgi?p=libwpd/libwpd;a=blobdiff;f=src/lib/WPXOLEStream.cpp;h=5bb11bd14912bda74c86392b20eb3d07207b7edb;hp=12b9340584855dca85cd429c1d3cf8a8e252e293;hb=7ce74979eef53d575ca433b525b6dff29cac5fd1;hpb=12560d3cb0f5d998b6d73bb6c881ec815a775932 CVE-2012-2148 RESERVED + - jbossas4 <not-affected> (Only builds a few libraries, not the full application server) CVE-2012-2147 RESERVED - munin 2.0~rc6-1 (bug #670811) @@ -3815,12 +3818,12 @@ - openjdk-7 <unfixed> (bug #677486) CVE-2012-1722 RESERVED - - openjdk-6 <unfixed> (bug #677487) - - openjdk-7 <unfixed> (bug #677486) + - openjdk-6 <not-affected> (specific to Oracle Java) + - openjdk-7 <not-affected> (specific to Oracle Java) CVE-2012-1721 RESERVED - - openjdk-6 <unfixed> (bug #677487) - - openjdk-7 <unfixed> (bug #677486) + - openjdk-6 <not-affected> (specific to Oracle Java) + - openjdk-7 <not-affected> (specific to Oracle Java) CVE-2012-1720 RESERVED - openjdk-6 <unfixed> (bug #677487) @@ -5110,6 +5113,7 @@ - moodle <not-affected> (Only affects 2.0 to 2.2) CVE-2012-1167 RESERVED + - jbossas4 <not-affected> (Only builds a few libraries, not the full application server) CVE-2012-1166 [ldm (LTSP display manager)] RESERVED - ldm 2:2.2.7-1 (bug #663645) @@ -6670,8 +6674,8 @@ NOT-FOR-US: Oracle Database Server CVE-2012-0551 (Unspecified vulnerability in the GlassFish Enterprise Server component ...) - glassfish <not-affected> (Debian only builds some core libs, not the full application stack) - - openjdk-6 <unfixed> (bug #677487) - - openjdk-7 <unfixed> (bug #677486) + - openjdk-6 <not-affected> (specific to Oracle Java) + - openjdk-7 <not-affected> (specific to Oracle Java) CVE-2012-0550 (Unspecified vulnerability in the GlassFish Enterprise Server component ...) - glassfish <not-affected> (Debian only builds some core libs, not the full application stack) CVE-2012-0549 (Unspecified vulnerability in the Oracle AutoVue Office component in ...)