Author: jmm Date: 2012-08-09 14:53:47 +0000 (Thu, 09 Aug 2012) New Revision: 19917 Modified: data/CVE/list Log: "new" chef issues (all resolved) two chrome issues not in chromium libotr CVEfied NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-08-09 09:14:23 UTC (rev 19916) +++ data/CVE/list 2012-08-09 14:53:47 UTC (rev 19917) @@ -1,7 +1,7 @@ CVE-2012-4178 (SQL injection vulnerability in spywall/includes/deptUploads_data.php ...) - TODO: check + NOT-FOR-US: Symantec Web Gateway CVE-2012-4177 (The web browser plugin for Ubisoft Uplay PC before 2.0.4 allows remote ...) - TODO: check + NOT-FOR-US: Ubisoft Uplay PC CVE-2012-4176 RESERVED CVE-2012-4175 @@ -63,25 +63,23 @@ CVE-2012-4147 RESERVED CVE-2011-5098 (chef-server-api/app/controllers/clients.rb in Chef Server in Chef ...) - TODO: check + - chef 0.10.10-1 CVE-2011-5097 (chef-server-api/app/controllers/cookbooks.rb in Chef Server in Chef ...) - TODO: check + - chef 0.10.10-1 CVE-2010-5142 (chef-server-api/app/controllers/users.rb in the API in Chef before ...) - TODO: check + - chef 0.10.10-1 CVE-2012-4146 (Opera before 12.01 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: Opera CVE-2012-4145 (Unspecified vulnerability in Opera before 12.01 on Windows and UNIX, ...) - TODO: check + NOT-FOR-US: Opera CVE-2012-4144 (Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x ...) - TODO: check + NOT-FOR-US: Opera CVE-2012-4143 (Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x ...) - TODO: check + NOT-FOR-US: Opera CVE-2012-4142 (Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x ...) - TODO: check + NOT-FOR-US: Opera CVE-2012-XXXX [redeclipse code execution through map files] - redeclipse 1.2-3 (bug #684143) -CVE-2012-XXXX [base64 buffer overflows] - - libotr <unfixed> (bug #684121) CVE-2012-XXXX [world-writeable directory] - gpe-tetris <unfixed> (bug #684178) CVE-2012-XXXX [local privilege escalation munin to root] @@ -384,7 +382,7 @@ CVE-2012-4006 RESERVED CVE-2012-4005 (The NHN Japan NAVER LINE application before 2.5.5 for Android does not ...) - TODO: check + NOT-FOR-US: NHN Japan NAVER LINE CVE-2012-4004 RESERVED CVE-2012-4003 @@ -1514,8 +1512,9 @@ RESERVED CVE-2012-3462 RESERVED -CVE-2012-3461 +CVE-2012-3461 [base64 buffer overflows] RESERVED + - libotr <unfixed> (bug #684121) CVE-2012-3460 RESERVED CVE-2012-3459 @@ -2574,7 +2573,7 @@ CVE-2012-3021 RESERVED CVE-2012-3020 (The Siemens Synco OZW Web Server devices OZW672.*, OZW772.*, and ...) - TODO: check + NOT-FOR-US: Siemens Synco OZW Web Server CVE-2012-3019 RESERVED CVE-2012-3018 (The lockout-recovery feature in the Security Configurator component in ...) @@ -2911,8 +2910,10 @@ RESERVED CVE-2012-2863 RESERVED + - chromium-browser <not-affected> (PDF functionality not present in Chromium) CVE-2012-2862 RESERVED + - chromium-browser <not-affected> (PDF functionality not present in Chromium) CVE-2012-2861 RESERVED CVE-2012-2860 (The date-picker implementation in Google Chrome before 21.0.1180.57 on ...) @@ -3775,11 +3776,11 @@ CVE-2012-2501 RESERVED CVE-2012-2500 (Cisco AnyConnect Secure Mobility Client 3.0 before 3.0.08057 does not ...) - TODO: check + NOT-FOR-US: Cisco CVE-2012-2499 (The IPsec implementation in Cisco AnyConnect Secure Mobility Client ...) - TODO: check + NOT-FOR-US: Cisco CVE-2012-2498 (Cisco AnyConnect Secure Mobility Client 3.0 through 3.0.08066 does not ...) - TODO: check + NOT-FOR-US: Cisco CVE-2012-2497 RESERVED CVE-2012-2496 (A certain Java applet in the VPN downloader implementation in the ...) @@ -3795,7 +3796,7 @@ CVE-2012-2491 RESERVED CVE-2012-2490 (Cisco IP Communicator 8.6 allows man-in-the-middle attackers to modify ...) - TODO: check + NOT-FOR-US: Cisco CVE-2012-2489 RESERVED CVE-2012-2488 (Cisco IOS XR before 4.2.1 on ASR 9000 series devices and CRS series ...) @@ -3827,17 +3828,17 @@ CVE-2012-2475 RESERVED CVE-2012-2474 (Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 series ...) - TODO: check + NOT-FOR-US: Cisco CVE-2012-2473 RESERVED CVE-2012-2472 (Cisco Adaptive Security Appliances (ASA) 5500 series devices with ...) - TODO: check + NOT-FOR-US: Cisco CVE-2012-2471 RESERVED CVE-2012-2470 RESERVED CVE-2012-2469 (Cisco NX-OS 4.2, 5.0, 5.1, and 5.2 on Nexus 7000 series switches, when ...) - TODO: check + NOT-FOR-US: Cisco CVE-2012-2468 RESERVED CVE-2012-2467 @@ -4664,7 +4665,7 @@ CVE-2012-2189 RESERVED CVE-2012-2188 (IBM Power Hardware Management Console (HMC) 7R3.5.0 before SP4, ...) - TODO: check + NOT-FOR-US: IBM Power Hardware Management Console CVE-2012-2187 RESERVED CVE-2012-2186 @@ -6661,25 +6662,25 @@ CVE-2012-1371 RESERVED CVE-2012-1370 (Cisco AnyConnect Secure Mobility Client 3.0 before 3.0.08057 allows ...) - TODO: check + NOT-FOR-US: Cisco CVE-2012-1369 RESERVED CVE-2012-1368 RESERVED CVE-2012-1367 (The MallocLite implementation in Cisco IOS 12.0, 12.2, 15.0, 15.1, and ...) - TODO: check + NOT-FOR-US: Cisco CVE-2012-1366 RESERVED CVE-2012-1365 (Cisco Unified Computing System (UCS) 1.4 and 2.0 allows remote ...) - TODO: check + NOT-FOR-US: Cisco CVE-2012-1364 (Cisco Unified Computing System (UCS) 1.4 and 2.0 allows remote ...) - TODO: check + NOT-FOR-US: Cisco CVE-2012-1363 RESERVED CVE-2012-1362 RESERVED CVE-2012-1361 (Cisco IOS 15.1 and 15.2, when the Multicast Music-on-Hold (MMoH) ...) - TODO: check + NOT-FOR-US: Cisco CVE-2012-1360 RESERVED CVE-2012-1359