Moritz Muehlenhoff
2012-Jun-20 15:31 UTC
[Secure-testing-commits] r19541 - in data: . CVE DSA
Author: jmm
Date: 2012-06-20 15:31:06 +0000 (Wed, 20 Jun 2012)
New Revision: 19541
Modified:
data/CVE/list
data/DSA/list
data/spu-candidates.txt
Log:
mosh/vte no-dsa
filed bug for qemu
another mysql issue fixed in recent DSA
Modified: data/CVE/list
==================================================================---
data/CVE/list 2012-06-20 15:01:12 UTC (rev 19540)
+++ data/CVE/list 2012-06-20 15:31:06 UTC (rev 19541)
@@ -1732,7 +1732,8 @@
NOTE: http://www.openwall.com/lists/oss-security/2012/06/17/1
CVE-2012-2738
RESERVED
- - libvte9 <unfixed> (bug #677717)
+ - vte <unfixed> (bug #677717)
+ [squeeze] - vte <no-dsa> (Minor issue)
CVE-2012-2737
RESERVED
CVE-2012-2736 [NetworkManager: creating new WPA-secured wireless network
results in insecure network being created instead]
@@ -1961,7 +1962,7 @@
NOTE: Debian build includes the vulnerable patch (in .diff.gz)
CVE-2012-2652 [vulnerable to temporary file symlink attacks]
RESERVED
- - qemu <unfixed>
+ - qemu <unfixed> (bug #678280)
CVE-2012-2651
RESERVED
CVE-2012-2650
@@ -2662,7 +2663,8 @@
- php5 5.4.4~rc1-1
CVE-2012-2385 [malicious escape sequences can cause denial of service for
mosh-server]
RESERVED
- - mosh 1.2.1-1 (bug #673871)
+ - mosh 1.2.1-1 (low; bug #673871)
+ [squeeze] - mosh 1.2.1-1 (low; bug #673871)
NOTE: https://github.com/keithw/mosh/issues/271
NOTE:
https://github.com/keithw/mosh/commit/9791768705528e911bfca6c4d8aa88139035060e
CVE-2012-2384 (Integer overflow in the i915_gem_do_execbuffer function in ...)
Modified: data/DSA/list
==================================================================---
data/DSA/list 2012-06-20 15:01:12 UTC (rev 19540)
+++ data/DSA/list 2012-06-20 15:31:06 UTC (rev 19541)
@@ -1,5 +1,5 @@
[18 Jun 2012] DSA-2496-1 mysql-5.1 - several
- {CVE-2012-0583 CVE-2012-1688 CVE-2012-1690 CVE-2012-1703 CVE-2012-2122
CVE-2012-2749}
+ {CVE-2012-0583 CVE-2012-1688 CVE-2012-1690 CVE-2012-1703 CVE-2012-2102
CVE-2012-2122 CVE-2012-2749}
[squeeze] - mysql-5.1 5.1.63-0+squeeze1
[16 Jun 2012] DSA-2495-1 openconnect - buffer overflow
{CVE-2012-3291}
Modified: data/spu-candidates.txt
==================================================================---
data/spu-candidates.txt 2012-06-20 15:01:12 UTC (rev 19540)
+++ data/spu-candidates.txt 2012-06-20 15:31:06 UTC (rev 19541)
@@ -485,6 +485,11 @@
--
+vte (CVE-2012-2738)
+#677717
+
+--
+
xinetd (CVE-2012-0862)
https://bugzilla.redhat.com/show_bug.cgi?id=790940