Author: gilbert-guest Date: 2011-03-27 23:01:56 +0000 (Sun, 27 Mar 2011) New Revision: 16443 Modified: data/CVE/list Log: various squeeze point updates entered wheezy Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-03-27 21:17:14 UTC (rev 16442) +++ data/CVE/list 2011-03-27 23:01:56 UTC (rev 16443) @@ -305,6 +305,7 @@ CVE-2011-1413 (Google Chrome before 10.0.648.127 on Linux does not properly mitigate ...) - chromium-browser 10.0.648.127~r76697-1 [squeeze] - chromium-browser <not-affected> + [wheezy] - chromium-browser <not-affected> - webkit <not-affected> (chromium specific) CVE-2011-1412 RESERVED @@ -562,6 +563,7 @@ CVE-2011-1290 (Integer overflow in WebKit, as used on the Research In Motion (RIM) ...) {DSA-2192-1} - chromium-browser 10.0.648.133~r77742-1 + [wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4 - webkit <unfixed> NOTE: needs port NOTE: http://trac.webkit.org/changeset/80787 @@ -742,11 +744,13 @@ CVE-2011-1204 (Google Chrome before 10.0.648.127 does not properly handle attributes, ...) - chromium-browser 10.0.648.127~r76697-1 [squeeze] - chromium-browser <no-dsa> (hard merge) - - webkit <unfixed> + - webkit <unfixed> (low) NOTE: http://trac.webkit.org/changeset/79810 + NOTE: very hard to merge: needs introduction of ScopedEventQueue.cpp CVE-2011-1203 (Google Chrome before 10.0.648.127 does not properly handle SVG ...) {DSA-2189-1} - chromium-browser 10.0.648.127~r76697-1 + [wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4 - webkit <unfixed> NOTE: http://trac.webkit.org/changeset/79476 CVE-2011-1202 (Unspecified vulnerability in the XSLT implementation in Google Chrome ...) 
@@ -757,38 +761,44 @@ CVE-2011-1201 (The context implementation in WebKit, as used in Google Chrome before ...) - chromium-browser 10.0.648.127~r76697-1 [squeeze] - chromium-browser <not-affected> + [wheezy] - chromium-browser <not-affected> - webkit <not-affected> (losecontext not present in 1.2) TODO: recheck webkit 1.3 NOTE: http://trac.webkit.org/changeset/78921 CVE-2011-1200 (Google Chrome before 10.0.648.127 does not properly perform a cast of ...) - chromium-browser 10.0.648.127~r76697-1 [squeeze] - chromium-browser <not-affected> + [wheezy] - chromium-browser <not-affected> - webkit <not-affected> (vulnerable code not present) TODO: recheck webkit 1.3 NOTE: http://trac.webkit.org/changeset/78744 CVE-2011-1199 (Google Chrome before 10.0.648.127 does not properly handle DataView ...) - chromium-browser 10.0.648.127~r76697-1 [squeeze] - chromium-browser <not-affected> + [wheezy] - chromium-browser <not-affected> - webkit <not-affected> (issue in libv8 bindings) NOTE: https://trac.webkit.org/changeset/78738 CVE-2011-1198 (The video functionality in Google Chrome before 10.0.648.127 allows ...) - chromium-browser 10.0.648.127~r76697-1 [squeeze] - chromium-browser <not-affected> + [wheezy] - chromium-browser <not-affected> - ffmpeg <undetermined> TODO: need info on ffmpeg CVE-2011-1197 (Google Chrome before 10.0.648.127 does not properly perform table ...) {DSA-2189-1} - chromium-browser 10.0.648.127~r76697-1 - - webkit <unfixed> + [wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4 NOTE: http://trac.webkit.org/changeset/79734 CVE-2011-1196 (The OGG container implementation in Google Chrome before 10.0.648.127 ...) - chromium-browser 10.0.648.127~r76697-1 [squeeze] - chromium-browser <not-affected> + [wheezy] - chromium-browser <not-affected> - ffmpeg <undetermined> TODO: need info on ffmpeg CVE-2011-1195 (Use-after-free vulnerability in Google Chrome before 10.0.648.127 ...) 
- chromium-browser 10.0.648.127~r76697-1 [squeeze] - chromium-browser <not-affected> + [wheezy] - chromium-browser <not-affected> - webkit <not-affected> (vulnerable code not present) TODO: recheck webkit 1.3 NOTE: http://trac.webkit.org/changeset/78147 @@ -803,27 +813,32 @@ CVE-2011-1192 (Google Chrome before 10.0.648.127 on Linux does not properly handle ...) - chromium-browser 10.0.648.127~r76697-1 [squeeze] - chromium-browser <not-affected> + [wheezy] - chromium-browser <not-affected> - webkit <not-affected> (issue in chromium-specific code) NOTE: http://trac.webkit.org/changeset/76732 CVE-2011-1191 (Use-after-free vulnerability in Google Chrome before 10.0.648.127 ...) - chromium-browser 10.0.648.127~r76697-1 [squeeze] - chromium-browser <not-affected> + [wheezy] - chromium-browser <not-affected> - webkit <not-affected> (vulnerable code not yet present) TODO: recheck webkit 1.3 NOTE: http://trac.webkit.org/changeset/76652 CVE-2011-1190 (The Web Workers implementation in Google Chrome before 10.0.648.127 ...) {DSA-2189-1} - chromium-browser 10.0.648.127~r76697-1 + [wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4 - webkit <unfixed> NOTE: http://trac.webkit.org/changeset/77563 CVE-2011-1189 (Google Chrome before 10.0.648.127 does not properly perform box ...) {DSA-2189-1} - chromium-browser 10.0.648.127~r76697-1 + [wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4 - webkit <unfixed> NOTE: http://trac.webkit.org/changeset/79689 CVE-2011-1188 (Google Chrome before 10.0.648.127 does not properly handle counter ...) {DSA-2189-1} - chromium-browser 10.0.648.127~r76697-1 + [wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4 - webkit <undetermined> NOTE: http://trac.webkit.org/changeset/77142 TODO: ^ this commit only contains tests for the issue, need commit # for fix 
@@ -1002,90 +1017,107 @@ CVE-2011-1125 (Google Chrome before 9.0.597.107 does not properly perform layout, ...) - chromium-browser 9.0.597.107~r75357-1 [squeeze] - chromium-browser <not-affected> + [wheezy] - chromium-browser <not-affected> - webkit <not-affected> (vulnerable code introduced in commit 75823) TODO: recheck once webkit 1.3 enters unstable NOTE: http://trac.webkit.org/changeset/78775 CVE-2011-1124 (Use-after-free vulnerability in Google Chrome before 9.0.597.107 ...) - chromium-browser 9.0.597.107~r75357-1 [squeeze] - chromium-browser <not-affected> + [wheezy] - chromium-browser <not-affected> - webkit <not-affected> (Chromium specific) CVE-2011-1123 (Google Chrome before 9.0.597.107 does not properly restrict access to ...) - chromium-browser 9.0.597.107~r75357-1 [squeeze] - chromium-browser <not-affected> + [wheezy] - chromium-browser <not-affected> - webkit <not-affected> (chromium specific) CVE-2011-1122 (The WebGL implementation in Google Chrome before 9.0.597.107 allows ...) {DSA-2189-1} - chromium-browser 9.0.597.107~r75357-1 + [wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4 - webkit <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=53782 TODO: ^ this bug is embargoed, please note the commit # CVE-2011-1121 (Integer overflow in Google Chrome before 9.0.597.107 allows remote ...) {DSA-2189-1} - chromium-browser 9.0.597.107~r75357-1 + [wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4 - webkit <unfixed> NOTE: needs port (s/logicalBottom/bottom) NOTE: http://trac.webkit.org/changeset/77565 CVE-2011-1120 (The WebGL implementation in Google Chrome before 9.0.597.107 allows ...) 
- chromium-browser 9.0.597.107~r75357-1 [squeeze] - chromium-browser <not-affected> + [wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4 - webkit <not-affected> (webgl support not present in 1.2) TODO: recheck webkit 1.3 once its uploaded to unstable NOTE: http://trac.webkit.org/changeset/77956 CVE-2011-1119 (Google Chrome before 9.0.597.107 does not properly determine device ...) - chromium-browser 9.0.597.107~r75357-1 [squeeze] - chromium-browser <not-affected> + [wheezy] - chromium-browser <not-affected> - webkit <not-affected> (device orientation code/support not present in 1.2) TODO: recheck webkit 1.3 once its uploaded to unstable NOTE: http://trac.webkit.org/changeset/77418 CVE-2011-1118 (Google Chrome before 9.0.597.107 does not properly handle TEXTAREA ...) - chromium-browser 9.0.597.107~r75357-1 [squeeze] - chromium-browser <not-affected> + [wheezy] - chromium-browser <not-affected> - webkit <unfixed> NOTE: http://trac.webkit.org/changeset/77144 CVE-2011-1117 (Google Chrome before 9.0.597.107 does not properly handle XHTML ...) - chromium-browser 9.0.597.107~r75357-1 [squeeze] - chromium-browser <not-affected> + [wheezy] - chromium-browser <not-affected> - webkit <unfixed> NOTE: http://trac.webkit.org/changeset/77262 CVE-2011-1116 (Google Chrome before 9.0.597.107 does not properly handle SVG ...) - chromium-browser 9.0.597.107~r75357-1 [squeeze] - chromium-browser <not-affected> + [wheezy] - chromium-browser <not-affected> - webkit <unfixed> NOTE: http://trac.webkit.org/changeset/77548 CVE-2011-1115 (Google Chrome before 9.0.597.107 does not properly render tables, ...) {DSA-2189-1} - chromium-browser 9.0.597.107~r75357-1 + [wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4 - webkit <unfixed> NOTE: http://trac.webkit.org/changeset/76915 CVE-2011-1114 (Google Chrome before 9.0.597.107 does not properly handle tables, ...) 
{DSA-2189-1} - chromium-browser 9.0.597.107~r75357-1 + [wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4 - webkit <not-affected> (vulnerable code introduced after 1.2, and the fix restores this code to its 1.2 state) TODO: check webkit 1.3 once it enters unstable NOTE: http://trac.webkit.org/changeset/77141 CVE-2011-1113 (Google Chrome before 9.0.597.107 on 64-bit Linux platforms does not ...) {DSA-2189-1} - chromium-browser 9.0.597.107~r75357-1 + [wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4 - webkit <not-affected> (chromium specific) CVE-2011-1112 (Google Chrome before 9.0.597.107 does not properly perform SVG ...) - chromium-browser 9.0.597.107~r75357-1 [squeeze] - chromium-browser <not-affected> + [wheezy] - chromium-browser <not-affected> - webkit <not-affected> (Chromium specific) CVE-2011-1111 (Google Chrome before 9.0.597.107 does not properly implement forms ...) - chromium-browser 9.0.597.107~r75357-1 [squeeze] - chromium-browser <not-affected> + [wheezy] - chromium-browser <not-affected> - webkit <unfixed> NOTE: needs port (s/FormAssociatedElement/HTMLFormElement) NOTE: http://trac.webkit.org/changeset/77114 CVE-2011-1110 (Google Chrome before 9.0.597.107 does not properly implement key frame ...) - chromium-browser 9.0.597.107~r75357-1 [squeeze] - chromium-browser <not-affected> + [wheezy] - chromium-browser <not-affected> - webkit <not-affected> (vulnerable code not present in 1.2) TODO: check webkit 1.3 once it gets uploaded to unstable NOTE: http://trac.webkit.org/changeset/76828 CVE-2011-1109 (Google Chrome before 9.0.597.107 does not properly process nodes in ...) {DSA-2189-1} - chromium-browser 9.0.597.107~r75357-1 + [wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4 - webkit <unfixed> NOTE: http://trac.webkit.org/changeset/76728 CVE-2011-1108 (Google Chrome before 9.0.597.107 does not properly implement ...) 
@@ -1212,6 +1244,7 @@ - linux-2.6 2.6.38-1 [lenny] - linux-2.6 <not-affected> (Introduced in 2.6.36) [squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.36) + [wheezy] - linux-2.6 <not-affected> (Introduced in 2.6.36) CVE-2011-1075 RESERVED CVE-2011-1074 (crontab.c in crontab in FreeBSD allows local users to determine the ...) @@ -1381,6 +1414,7 @@ CVE-2011-1021 RESERVED - linux-2.6 2.6.37-1 + [wheezy] - linux-2.6 <not-affected> (Introduced in 2.6.33) [squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.33) [lenny] - linux-2.6 <not-affected> (Introduced in 2.6.33) CVE-2011-1020 (The proc filesystem implementation in the Linux kernel 2.6.37 and ...) 
@@ -1547,27 +1581,32 @@ CVE-2011-0985 (Google Chrome before 9.0.597.94 does not properly perform process ...) {DSA-2166-1} - chromium-browser 9.0.597.98~r74359-1 + [wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4 - webkit <not-affected> (Chromium specific) CVE-2011-0984 (Google Chrome before 9.0.597.94 does not properly handle plug-ins, ...) {DSA-2166-1} - chromium-browser 9.0.597.98~r74359-1 + [wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4 - webkit <not-affected> (doesn''t include v8 code) NOTE: http://trac.webkit.org/changeset/76264 TODO: ^ this has to be the wrong commit, its a v8 fix, but that doesn''t match the description at all CVE-2011-0983 (Google Chrome before 9.0.597.94 does not properly handle anonymous ...) {DSA-2166-1} - chromium-browser 9.0.597.98~r74359-1 + [wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4 - webkit <not-affected> (vulnerable code not yet present in 1.2) TODO: check webkit > 1.3 when it gets uploaded NOTE: http://trac.webkit.org/changeset/75810 CVE-2011-0982 (Use-after-free vulnerability in Google Chrome before 9.0.597.94 allows ...) - chromium-browser 9.0.597.98~r74359-1 [squeeze] - chromium-browser <not-affected> + [wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4 - webkit <unfixed> NOTE: http://trac.webkit.org/changeset/76990 CVE-2011-0981 (Google Chrome before 9.0.597.94 does not properly perform event ...) {DSA-2166-1} - chromium-browser 9.0.597.98~r74359-1 + [wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4 - webkit <unfixed> NOTE: http://trac.webkit.org/changeset/76708 CVE-2011-0980 (Microsoft Office Excel 2003 does not properly parse Office Art ...) 
@@ -1969,10 +2008,12 @@ CVE-2011-0784 (Race condition in Google Chrome before 9.0.597.84 allows remote ...) - chromium-browser 9.0.597.84~r72991-1 [squeeze] - chromium-browser <not-affected> + [wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4 - webkit <not-affected> (chromium specific) CVE-2011-0783 (Unspecified vulnerability in Google Chrome before 9.0.597.84 allows ...) {DSA-2166-1} - chromium-browser 9.0.597.84~r72991-1 + [wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4 - webkit <not-affected> (chromium specific) CVE-2011-0782 (Google Chrome before 9.0.597.84 on Mac OS X does not properly mitigate ...) - chromium-browser <not-affected> (mac only) @@ -1986,15 +2027,18 @@ CVE-2011-0779 (Google Chrome before 9.0.597.84 does not properly handle a missing key ...) {DSA-2192-1} - chromium-browser 9.0.597.84~r72991-1 + [wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4 - webkit <not-affected> (chromium specific) CVE-2011-0778 (Google Chrome before 9.0.597.84 does not properly restrict drag and ...) {DSA-2188-1 DSA-2166-1} - chromium-browser 9.0.597.84~r72991-1 + [wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4 - webkit 1.2.7-1 NOTE: http://trac.webkit.org/changeset/71925 CVE-2011-0777 (Use-after-free vulnerability in Google Chrome before 9.0.597.84 allows ...) {DSA-2166-1} - chromium-browser 9.0.597.84~r72991-1 + [wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4 - webkit <unfixed> NOTE: http://trac.webkit.org/changeset/72230 CVE-2011-0776 (The sandbox implementation in Google Chrome before 9.0.597.84 on Mac ...) 
@@ -2219,6 +2263,7 @@ - linux-2.6 2.6.38-1 (low) [lenny] - linux-2.6 <not-affected> (Vulnerable code not present, introduced in 2.6.34) [squeeze] - linux-2.6 <not-affected> (Vulnerable code not present, introduced in 2.6.34) + [wheezy] - linux-2.6 <not-affected> (Vulnerable code not present, introduced in 2.6.34) CVE-2011-0715 (The mod_dav_svn module for the Apache HTTP Server, as distributed in ...) {DSA-2181-1} - subversion 1.6.16dfsg-1 @@ -2282,6 +2327,7 @@ CVE-2011-0699 RESERVED - linux-2.6 2.6.37-2 + [wheezy] - linux-2.6 <not-affected> (code introduced in .37) [squeeze] - linux-2.6 <not-affected> (code introduced in .37) [lenny] - linux-2.6 <not-affected> (code introduced in .37) CVE-2011-0698 (Directory traversal vulnerability in Django 1.1.x before 1.1.4 and ...) @@ -2784,6 +2830,7 @@ CVE-2011-0495 (Stack-based buffer overflow in the ast_uri_encode function in ...) {DSA-2171-1} - asterisk <unfixed> (bug #610487) + [wheezy] - asterisk 1:1.6.2.9-2+squeeze1 CVE-2011-0494 (Directory traversal vulnerability in WebSEAL in IBM Tivoli Access ...) NOT-FOR-US: IBM Tivoli Access Manager CVE-2011-0489 (The server components in Objectivity/DB 10.0 do not require ...) @@ -2824,6 +2871,7 @@ CVE-2011-0485 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...) - chromium-browser 9.0.597.45~r70550-1 [squeeze] - chromium-browser <not-affected> + [wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4 - webkit <not-affected> (chromium specific) CVE-2011-0484 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...) - chromium-browser 6.0.472.63~r59945-5 
@@ -2851,6 +2899,7 @@ CVE-2011-0479 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...) - chromium-browser 9.0.597.45~r70550-1 [squeeze] - chromium-browser <not-affected> + [wheezy] - chromium-browser <not-affected> - webkit <not-affected> (chromium specific) CVE-2011-0478 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...) - chromium-browser 6.0.472.63~r59945-5 @@ -2885,6 +2934,7 @@ CVE-2011-0470 (Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do ...) - chromium-browser 9.0.597.45~r70550-1 [squeeze] - chromium-browser <not-affected> + [wheezy] - chromium-browser <not-affected> - webkit <not-affected> (chromium specific) CVE-2011-0469 RESERVED @@ -4091,6 +4141,7 @@ CVE-2011-0064 (The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in ...) {DSA-2178-1} - pango1.0 1.28.3-2~sid1 + [wheezy] - 1.28.3-1+squeeze2 [lenny] - pango1.0 <not-affected> (introduced in code cleanup) CVE-2011-0063 (The _list_file_get function in lib/Majordomo.pm in Majordomo 2 ...) TODO: check @@ -4436,6 +4487,7 @@ - linux-2.6 2.6.35-1 [squeeze] - linux-2.6 <not-affected> (Only affects 2.6.33/2.6.34) [lenny] - linux-2.6 <not-affected> (Only affects 2.6.33/2.6.34) + [wheezy] - linux-2.6 <not-affected> (Only affects 2.6.33/2.6.34) CVE-2010-4524 (Cross-site scripting (XSS) vulnerability in lib/mhtxthtml.pl in ...) - mhonarc 2.6.18-1 (low; bug #607693) CVE-2010-4522 (Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka ...) @@ -4612,6 +4664,7 @@ CVE-2010-4491 (Google Chrome before 8.0.552.215 does not properly restrict privileged ...) - chromium-browser 9.0.597.45~r70550-1 [squeeze] - chromium-browser <not-affected> + [wheezy] - chromium-browser <not-affected> - webkit <not-affected> (issue in chromium-specific webkit code) NOTE: http://code.google.com/p/chromium/issues/detail?id=62168 NOTE: http://trac.webkit.org/changeset/71533 
@@ -5297,6 +5350,7 @@ - linux-2.6 2.6.37-1 [squeeze] - linux-2.6 <not-affected> (Introduced after 2.6.32) [lenny] - linux-2.6 <not-affected> (Introduced after 2.6.32) + [wheezy] - linux-2.6 <not-affected> (Introduced after 2.6.32) CVE-2010-4249 (The wait_for_unix_gc function in net/unix/garbage.c in the Linux ...) {DSA-2153-1} - linux-2.6 2.6.32-30 @@ -5844,6 +5898,7 @@ - webkit <not-affected> (issue in chromium code base) - chromium-browser 9.0.570 [squeeze] - chromium-browser <not-affected> (websocket_experiment not enabled in v6) + [wheezy] - chromium-browser <not-affected> CVE-2010-4037 (Unspecified vulnerability in Google Chrome before 7.0.517.41 allows ...) - webkit <not-affected> (affected gesture code not present in 1.2.x) - chromium-browser <unfixed> (unimportant) @@ -7664,6 +7719,7 @@ CVE-2010-3386 (usttrace in LTTng Userspace Tracer (aka UST) 0.7 places a zero-length ...) - ust 0.7-2.1 (bug #598309) [squeeze] - ust 0.5-1+squeeze1 + [wheezy] - ust 0.5-1+squeeze1 CVE-2010-3385 (TuxGuitar 1.2 places a zero-length directory name in the ...) - tuxguitar 1.2-7 (bug #598307) [lenny] - tuxguitar <no-dsa> (Minor issue) @@ -7682,6 +7738,7 @@ [lenny] - tangerine <no-dsa> (minor issue) CVE-2010-3380 (The (1) init.d/slurm and (2) init.d/slurmdbd scripts in SLURM before ...) - slurm-llnl 2.1.15-2 (bug #602340) + [wheezy] - slurm-llnl 2.1.11-1squeeze1 (bug #602340) [squeeze] - slurm-llnl 2.1.11-1squeeze1 (bug #602340) [lenny] - slurm-llnl <no-dsa> (Minor issue) NOTE: Debian package ships its own, also vulnerable, init script. NOT fixed in 2.1.14-1
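Review bot: The CVE-2011-1204 changes in the `@@ -742,11 +744,13 @@` hunk are a webkit triage decision, not a squeeze point update entering wheezy as the log message says: `- webkit <unfixed>` becomes `- webkit <unfixed> (low)` and a `NOTE: very hard to merge: needs introduction of ScopedEventQueue.cpp` is added. Either mention the urgency downgrade in the log or commit it separately so the history explains why webkit was rated low. The same entry has `[squeeze] - chromium-browser <no-dsa> (hard merge)` but gets no `[wheezy]` line, unlike CVE-2011-1203 right below it; please confirm that omission is intended.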
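Review bot: The CVE-2011-1197 entry in the `@@ -757,38 +761,44 @@` hunk loses its webkit status: `- webkit <unfixed>` is removed and the new `[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4` line takes its place, while `NOTE: http://trac.webkit.org/changeset/79734` stays behind. Every other entry touched in this hunk keeps its webkit or ffmpeg line, so this looks like an accidental replacement rather than an addition. Restore `- webkit <unfixed>` after the new wheezy line, or state in the log why webkit is no longer tracked for this CVE.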
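Review bot: The CVE-2011-1120 entry in the `@@ -1002,90 +1017,107 @@` hunk contradicts itself: it keeps `[squeeze] - chromium-browser <not-affected>` and then adds `[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4`, which records the squeeze point-release version as the fix for wheezy. The neighbouring entries with a squeeze `<not-affected>` line (CVE-2011-1119, CVE-2011-1118, CVE-2011-1117) all get `[wheezy] - chromium-browser <not-affected>`. Use `<not-affected>` here as well, or correct the squeeze line if version 6 is in fact affected.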
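Review bot: The release tags are ordered inconsistently: in the `@@ -1381,6 +1414,7 @@` hunk (CVE-2011-1021) the `[wheezy]` line is inserted above `[squeeze]` and `[lenny]`, while the `@@ -1212,6 +1244,7 @@` hunk appends it below both. The `@@ -2282,6 +2327,7 @@` and `@@ -7682,6 +7738,7 @@` hunks also put it first. Pick one position for `[wheezy]` relative to the other release lines and apply it throughout, so later edits and scripted checks of the list do not have to handle both layouts.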
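Review bot: CVE-2011-0982 in the `@@ -1547,27 +1581,32 @@` hunk is the only entry here without a DSA reference and with `[squeeze] - chromium-browser <not-affected>`, yet it receives the same `[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4` line as the DSA-2166-1 entries around it. A squeeze point-release version cannot be the wheezy fix for an issue squeeze is not affected by. This should read `[wheezy] - chromium-browser <not-affected>` unless the squeeze status is wrong.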
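Review bot: In the `@@ -1969,10 +2008,12 @@` hunk, CVE-2011-0784 keeps `[squeeze] - chromium-browser <not-affected>` but gains `[wheezy] - chromium-browser 6.0.472.63~r59945-5+squeeze4`. That version is appropriate for CVE-2011-0783 just below, which carries DSA-2166-1, but for CVE-2011-0784 the two release lines disagree. Change the wheezy line to `<not-affected>` or fix the squeeze line, whichever matches the actual state of version 6.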
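Review bot: The `[wheezy]` line added for CVE-2011-0485 in the `@@ -2824,6 +2871,7 @@` hunk gives a fixed version, `6.0.472.63~r59945-5+squeeze4`, directly after `[squeeze] - chromium-browser <not-affected>`. The next two hunks (`@@ -2851,6 +2899,7 @@` and `@@ -2885,6 +2934,7 @@`) handle the identical squeeze status with `[wheezy] - chromium-browser <not-affected>`, so this one looks like a copy-paste slip. Align it with those entries.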
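Review bot: The added line `[wheezy] - 1.28.3-1+squeeze2` under CVE-2011-0064 in the `@@ -4091,6 +4141,7 @@` hunk is missing the source package name, so the version string sits where the package is expected. The surrounding lines are `- pango1.0 1.28.3-2~sid1` and `[lenny] - pango1.0 <not-affected> (introduced in code cleanup)`; the new line should be `[wheezy] - pango1.0 1.28.3-1+squeeze2`. As written, anything parsing the list will either reject the entry or fail to associate the wheezy fix with pango1.0.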
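Review bot: The wheezy line in the `@@ -5844,6 +5898,7 @@` hunk drops the justification that the squeeze line carries: `[squeeze] - chromium-browser <not-affected> (websocket_experiment not enabled in v6)` versus a bare `[wheezy] - chromium-browser <not-affected>`. The linux-2.6 hunks in this same commit copy the reason to the wheezy line (for example `(Introduced in 2.6.36)`). Repeat the parenthesised reason here so the wheezy status is self-explanatory once the squeeze line is eventually removed.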