Author: jmm Date: 2012-08-20 09:02:44 +0000 (Mon, 20 Aug 2012) New Revision: 19987 Modified: data/CVE/list Log: new phpmyadmin non-issue wireshark fixed in sid, updated squeeze status for some issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-08-20 02:45:35 UTC (rev 19986) +++ data/CVE/list 2012-08-20 09:02:44 UTC (rev 19987) @@ -124,47 +124,39 @@ CVE-2012-4299 RESERVED CVE-2012-4298 (Integer signedness error in the vwr_read_rec_data_ethernet function in ...) - - wireshark <unfixed> - TODO: check + - wireshark 1.8.2-1 + [squeeze] - wireshark <not-affected> (Only affects 1.8.x) CVE-2012-4297 (Buffer overflow in the dissect_gsm_rlcmac_downlink function in ...) - - wireshark <unfixed> - TODO: check + - wireshark 1.8.2-1 + [squeeze] - wireshark <not-affected> (Only affects 1.6.x and 1.8.x) CVE-2012-4296 (Buffer overflow in epan/dissectors/packet-rtps2.c in the RTPS2 ...) - - wireshark <unfixed> - TODO: check + - wireshark 1.8.2-1 CVE-2012-4295 (Array index error in the channelised_fill_sdh_g707_format function in ...) - - wireshark <unfixed> - TODO: check + - wireshark 1.8.2-1 + [squeeze] - wireshark <not-affected> (Only affects 1.8.x) CVE-2012-4294 (Buffer overflow in the channelised_fill_sdh_g707_format function in ...) - - wireshark <unfixed> - TODO: check + - wireshark 1.8.2-1 + [squeeze] - wireshark <not-affected> (Only affects 1.8.x) CVE-2012-4293 (plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in ...) - - wireshark <unfixed> - TODO: check + - wireshark 1.8.2-1 CVE-2012-4292 (The dissect_stun_message function in epan/dissectors/packet-stun.c in ...) - - wireshark <unfixed> - TODO: check + - wireshark 1.8.2-1 CVE-2012-4291 (The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before ...) - - wireshark <unfixed> - TODO: check + - wireshark 1.8.2-1 CVE-2012-4290 (The CTDB dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before ...) - - wireshark <unfixed> - TODO: check + - wireshark 1.8.2-1 CVE-2012-4289 (epan/dissectors/packet-afp.c in the AFP dissector in Wireshark 1.4.x ...) - - wireshark <unfixed> - TODO: check + - wireshark 1.8.2-1 CVE-2012-4288 (Integer overflow in the dissect_xtp_ecntl function in ...) - - wireshark <unfixed> - TODO: check + - wireshark 1.8.2-1 CVE-2012-4287 (epan/dissectors/packet-mongo.c in the MongoDB dissector in Wireshark ...) - - wireshark <unfixed> - TODO: check + - wireshark 1.8.2-1 + [squeeze] - wireshark <not-affected> (Only affects 1.8.x) CVE-2012-4286 (The pcapng_read_packet_block function in wiretap/pcapng.c in the ...) - - wireshark <unfixed> - TODO: check + - wireshark 1.8.2-1 + [squeeze] - wireshark <not-affected> (Only affects 1.8.x) CVE-2012-4285 (The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the ...) - - wireshark <unfixed> - TODO: check + - wireshark 1.8.2-1 CVE-2012-4284 RESERVED CVE-2011-5099 (SQL injection vulnerability in helper/popup.php in the ccNewsletter ...) @@ -307,6 +299,8 @@ RESERVED CVE-2012-4219 RESERVED + - phpmyadmin <unfixed> (unimportant) + NOTE: Path disclosure irrelevant in Debian CVE-2012-4218 RESERVED CVE-2012-4217 @@ -9910,7 +9904,7 @@ NOT-FOR-US: Cisco CVE-2012-0283 (Cross-site scripting (XSS) vulnerability in the tpl_mediaFileList ...) - dokuwiki 0.0.20120125b-1 (low; bug #683378) - [squeeze] - dokuwiki <not-affected> + [squeeze] - dokuwiki <not-affected> (Vulnerable functionality not present, see #683378) CVE-2012-0282 (Heap-based buffer overflow in XnView before 1.99 allows remote ...) NOT-FOR-US: XnView CVE-2012-0281