Author: jmm Date: 2012-07-02 07:08:49 +0000 (Mon, 02 Jul 2012) New Revision: 19633 Modified: data/CVE/list Log: chromium fixed tiff has two source packages in wheezy :-/ new harmless gimp issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-07-01 23:34:15 UTC (rev 19632) +++ data/CVE/list 2012-07-02 07:08:49 UTC (rev 19633) @@ -1200,6 +1200,8 @@ RESERVED CVE-2012-3236 RESERVED + - gimp <unfixed> (unimportant) + NOTE: Harmless crasher w/o security impact CVE-2012-3235 RESERVED CVE-2012-3234 @@ -2026,45 +2028,45 @@ CVE-2012-2835 RESERVED CVE-2012-2834 (Integer overflow in Google Chrome before 20.0.1132.43 allows remote ...) - - chromium-browser <unfixed> + - chromium-browser 20.0.1132.43~r143823-1 CVE-2012-2833 (Buffer overflow in the JS API in the PDF functionality in Google ...) - chromium-browser <not-affected> (PDF functionality not present in Chromium) CVE-2012-2832 (The image-codec implementation in the PDF functionality in Google ...) - chromium-browser <not-affected> (PDF functionality not present in Chromium) CVE-2012-2831 (Use-after-free vulnerability in Google Chrome before 20.0.1132.43 ...) - - chromium-browser <unfixed> + - chromium-browser 20.0.1132.43~r143823-1 CVE-2012-2830 (Google Chrome before 20.0.1132.43 does not properly set array values, ...) - - chromium-browser <unfixed> + - chromium-browser 20.0.1132.43~r143823-1 CVE-2012-2829 (Use-after-free vulnerability in the Cascading Style Sheets (CSS) ...) - - chromium-browser <unfixed> + - chromium-browser 20.0.1132.43~r143823-1 CVE-2012-2828 (Multiple integer overflows in the PDF functionality in Google Chrome ...) - chromium-browser <not-affected> (PDF functionality not present in Chromium) CVE-2012-2827 (Use-after-free vulnerability in the UI in Google Chrome before ...) - chromium-browser <not-affected> (MacOS specific) CVE-2012-2826 (Google Chrome before 20.0.1132.43 does not properly implement texture ...) - - chromium-browser <unfixed> + - chromium-browser 20.0.1132.43~r143823-1 CVE-2012-2825 (The XSL implementation in Google Chrome before 20.0.1132.43 allows ...) - libxslt <unfixed> (bug #679283) CVE-2012-2824 (Use-after-free vulnerability in Google Chrome before 20.0.1132.43 ...) - - chromium-browser <unfixed> + - chromium-browser 20.0.1132.43~r143823-1 CVE-2012-2823 (Use-after-free vulnerability in Google Chrome before 20.0.1132.43 ...) - - chromium-browser <unfixed> + - chromium-browser 20.0.1132.43~r143823-1 CVE-2012-2822 (The PDF functionality in Google Chrome before 20.0.1132.43 allows ...) - chromium-browser <not-affected> (PDF functionality not present in Chromium) CVE-2012-2821 (The autofill implementation in Google Chrome before 20.0.1132.43 does ...) - - chromium-browser <unfixed> + - chromium-browser 20.0.1132.43~r143823-1 CVE-2012-2820 (Google Chrome before 20.0.1132.43 does not properly implement SVG ...) - - chromium-browser <unfixed> + - chromium-browser 20.0.1132.43~r143823-1 CVE-2012-2819 (The texSubImage2D implementation in the WebGL subsystem in Google ...) - - chromium-browser <unfixed> + - chromium-browser 20.0.1132.43~r143823-1 CVE-2012-2818 (Use-after-free vulnerability in Google Chrome before 20.0.1132.43 ...) - - chromium-browser <unfixed> + - chromium-browser 20.0.1132.43~r143823-1 CVE-2012-2817 (Use-after-free vulnerability in Google Chrome before 20.0.1132.43 ...) - - chromium-browser <unfixed> + - chromium-browser 20.0.1132.43~r143823-1 CVE-2012-2816 (Google Chrome before 20.0.1132.43 on Windows does not properly isolate ...) - chromium-browser <unfixed> CVE-2012-2815 (Google Chrome before 20.0.1132.43 allows remote attackers to obtain ...) - - chromium-browser <unfixed> + - chromium-browser 20.0.1132.43~r143823-1 CVE-2012-2814 RESERVED CVE-2012-2813 @@ -2220,8 +2222,7 @@ - joomla <itp> (bug #571794) CVE-2012-2746 RESERVED - - 389-ds <not-affected> - NOTE: first version uploaded to Debian includes the fix + - 389-ds <not-affected> (Fixed before initial upload) CVE-2012-2745 RESERVED CVE-2012-2744 @@ -2390,8 +2391,7 @@ NOT-FOR-US: Red Hat Network configuration client CVE-2012-2678 RESERVED - - 389-ds <not-affected> - NOTE: first version uploaded to Debian includes the fix + - 389-ds <not-affected> (Fixed before initial upload) CVE-2012-2677 RESERVED - boost1.42 <removed> @@ -3985,7 +3985,7 @@ RESERVED CVE-2012-2098 RESERVED - - libcommons-compress-java <unfixed> (low; bug #674448) + - libcommons-compress-java 1.4.1-1 (low; bug #674448) [squeeze] - libcommons-compress-java <no-dsa> (Minor issue) CVE-2012-2097 RESERVED @@ -4013,6 +4013,7 @@ CVE-2012-2088 RESERVED - tiff 4.0-1 (bug #678140) + - tiff3 3.9.6-6 CVE-2012-2087 RESERVED CVE-2012-2086 [gajim sql injection] @@ -7029,7 +7030,7 @@ - phpldapadmin 1.2.2-1 (bug #658907) CVE-2012-0833 RESERVED - NOT-FOR-US: 389 LDAP server + - 389-ds <not-affected> (Fixed before initial upload) CVE-2012-0832 RESERVED CVE-2012-0831 (PHP before 5.3.10 does not properly perform a temporary change to the ...)