Author: jmm Date: 2012-08-20 13:22:29 +0000 (Mon, 20 Aug 2012) New Revision: 19993 Modified: data/CVE/list Log: new gimp issues new gimp issue already fixed a long time ago new gimp issue is a non-issue new squidclamav issue condor fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-08-20 13:19:49 UTC (rev 19992) +++ data/CVE/list 2012-08-20 13:22:29 UTC (rev 19993) @@ -241,6 +241,8 @@ NOT-FOR-US: phplist CVE-2012-4245 RESERVED + - gimp <unfixed> (unimportant) + NOTE: The interface isn''t designed or advertised to be secure, this is hardly a security issue in practice CVE-2012-4244 RESERVED CVE-2012-4243 @@ -1817,7 +1819,7 @@ CVE-2012-3502 RESERVED CVE-2012-3501 - RESERVED + - squidclamav <unfixed> (bug #685398) CVE-2012-3500 RESERVED CVE-2012-3499 @@ -1864,7 +1866,7 @@ NOTE: http://www.fetchmail.info/fetchmail-SA-2012-02.txt CVE-2012-3481 [gimp gif plug-in heap-based buffer overflow] RESERVED - TODO: check + - gimp <unfixed> (bug #685397) NOTE: http://www.openwall.com/lists/oss-security/2012/08/20/8 NOTE: https://bugzilla.novell.com/show_bug.cgi?id=776572 CVE-2012-3480 @@ -2061,7 +2063,7 @@ NOTE: this is at least fixed in 4.00, I could not trace this back to an exact version CVE-2012-3416 RESERVED - - condor <unfixed> (bug #685366) + - condor 7.8.2~dfsg.1-1 (bug #685366) CVE-2012-3415 RESERVED - plpupload <itp> (bug #668396) 
@@ -2126,15 +2128,10 @@ NOTE: http://www.openwall.com/lists/oss-security/2012/07/11/17 CVE-2012-3403 [Gimp CEL plug-in heap buffer overflow when loading external palette files] RESERVED - TODO: check - NOTE: http://www.openwall.com/lists/oss-security/2012/08/20/7 - NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3403 - NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=839020#c19 + - gimp <unfixed> (bug #685397) CVE-2012-3402 [Gimp PSD plug-in Heap-buffer overflow by decoding certain PSD headers] - RESERVED - TODO: check - NOTE: http://www.openwall.com/lists/oss-security/2012/08/20/6 - NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3402 + - gimp 2.4.0~rc1-1 + NOTE: Only affects 2.2 series CVE-2012-3401 (The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in ...) - tiff 4.0.2-2 (bug #682115) - tiff3 3.9.6-7 (bug #682195)
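Review bot: In the CVE-2012-4245 hunk, the added NOTE refers to "The interface" without saying which gimp interface is meant, and the entry has no bracketed description or reference link, so a later reader cannot tell what was triaged as unimportant. Suggest adding a short description in brackets after the CVE id, as the CVE-2012-3481 entry has, and a NOTE pointing at the source of the report. The doubled apostrophe in "isn''t" also looks like an escaping slip and should read "isn't".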
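Review bot: In the CVE-2012-3501 hunk, the RESERVED line is replaced rather than kept, whereas the CVE-2012-4245 and CVE-2012-3481 entries in this same commit keep RESERVED above the package line. If the removal is not intentional, keep RESERVED and add the squidclamav line below it. A bracketed description would also help here, since bug #685398 is the only pointer to what the issue is.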
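Review bot: In the last hunk (CVE-2012-3403 and CVE-2012-3402), all NOTE reference links, the oss-security posts and the Red Hat Bugzilla entries, are deleted when "TODO: check" is resolved, while the CVE-2012-3481 hunk keeps its links. Suggest keeping the references, in particular for CVE-2012-3402, where "Only affects 2.2 series" and the fixed version 2.4.0~rc1-1 are stated with no source left in the entry. CVE-2012-3402 also drops RESERVED, unlike CVE-2012-3403 directly above it.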