Author: jmm Date: 2012-07-20 08:33:05 +0000 (Fri, 20 Jul 2012) New Revision: 19767 Modified: data/CVE/list Log: new issue in plupload (ITPed) add bug for tiff, clone bug for the annoying duplication of source packages in Wheezy :-/ Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-07-19 21:14:21 UTC (rev 19766) +++ data/CVE/list 2012-07-20 08:33:05 UTC (rev 19767) @@ -63,7 +63,7 @@ CVE-2012-4000 (Cross-site scripting (XSS) vulnerability in the print_textinputs_var ...) TODO: check CVE-2012-3999 (Cross-site scripting (XSS) vulnerability in admin/login.php in Sticky ...) - TODO: check + NOT-FOR-US: Sticky Notes CVE-2012-3998 (Multiple SQL injection vulnerabilities in Sticky Notes before ...) NOT-FOR-US: Sticky Notes CVE-2012-3997 (Multiple cross-site scripting (XSS) vulnerabilities in Sticky Notes ...) @@ -1261,6 +1261,7 @@ RESERVED CVE-2012-3415 RESERVED + - plpupload <itp> (bug #668396) CVE-2012-3414 [libjs-swfupload] RESERVED - libjs-swfupload 2.2.0.1+ds1-2 (low; bug #681323) @@ -1319,9 +1320,8 @@ RESERVED CVE-2012-3401 [tiff2pdf heap-based buffer overflow due to improper initialization of T2P context struct pointer] RESERVED - - libtiff-tools <unfixed> - TODO: Check if Debian is affected - NOTE: http://www.openwall.com/lists/oss-security/2012/07/19/1 + - tiff <unfixed> (bug #682115) + - tiff3 <unfixed> NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=837577 CVE-2012-3400 RESERVED