Author: jmm Date: 2011-09-15 07:13:44 +0000 (Thu, 15 Sep 2011) New Revision: 17245 Modified: data/CVE/list Log: new tahoe-lafs issue libav/wireshark CVEfied Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-09-14 21:14:24 UTC (rev 17244) +++ data/CVE/list 2011-09-15 07:13:44 UTC (rev 17245) @@ -1,3 +1,5 @@ +CVE-2011-XXXX + - tahoe-lafs 1.8.3-1 (bug #641540) CVE-2011-3475 RESERVED CVE-2011-3474 @@ -132,12 +134,6 @@ - phpmyadmin 4:3.4.5-1 [squeeze] - phpmyadmin <not-affected> (Vulnerable code not present) [lenny] - phpmyadmin <not-affected> (Vulnerable code not present) -CVE-2011-XXXX [libavcodec insufficient boundary check in CAVS] - - libav 4:0.6-1 (bug #641478) - - ffmpeg <removed> - - ffmpeg-debian <end-of-life> - NOTE: http://www.ocert.org/advisories/ocert-2011-002.html - NOTE: CVE ID requested CVE-2011-XXXX [BackupPC XSS in Browse.pm] - backuppc 3.2.1-1 (bug #641450) NOTE: http://sourceforge.net/mailarchive/forum.php?thread_name=f1f1ef74-716d-4af8-b1bf-c1ba6d9a98a1%40SC1EXHC-02.global.atheros.com&forum_name=backuppc-devel @@ -148,20 +144,17 @@ NOTE: https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/ NOTE: https://www.djangoproject.com/weblog/2011/sep/10/127/ NOTE: CVE id requested on oss-security -CVE-2011-XXXX [Wireshark CSN.1 dissector vulnerability] +CVE-2011-3482 [Wireshark CSN.1 dissector vulnerability] - wireshark <unfixed> [squeeze] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1) [lenny] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1) NOTE: http://www.wireshark.org/security/wnpa-sec-2011-16.html -CVE-2011-XXXX [Wireshark Lua script execution vulnerability] - - wireshark <unfixed> (low) - NOTE: http://www.wireshark.org/security/wnpa-sec-2011-15.html -CVE-2011-XXXX [Wireshark buffer exception handling vulnerability] +CVE-2011-3483 [Wireshark buffer exception handling vulnerability] - wireshark <unfixed> [squeeze] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1) [lenny] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1) NOTE: http://www.wireshark.org/security/wnpa-sec-2011-14.html -CVE-2011-XXXX [Wireshark OpenSafety dissector vulnerability] +CVE-2011-3484 [Wireshark OpenSafety dissector vulnerability] - wireshark <unfixed> [squeeze] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1) [lenny] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1) @@ -318,12 +311,18 @@ RESERVED CVE-2011-3363 RESERVED -CVE-2011-3362 +CVE-2011-3362 [libavcodec insufficient boundary check in CAVS] RESERVED + - libav 4:0.6-1 (bug #641478) + - ffmpeg <removed> + - ffmpeg-debian <end-of-life> + NOTE: http://www.ocert.org/advisories/ocert-2011-002.html CVE-2011-3361 RESERVED -CVE-2011-3360 +CVE-2011-3360 [Wireshark Lua script execution vulnerability] RESERVED + - wireshark <unfixed> (low) + NOTE: http://www.wireshark.org/security/wnpa-sec-2011-15.html CVE-2011-3359 RESERVED - linux-2.6 2.6.39-1