thr3ads.net - Secure testing commits - [Secure-testing-commits] r17636

If this information is useful, please help other people find it:
Share via:
Moritz Muehlenhoff
2011-Nov-18 21:13 UTC
[Secure-testing-commits] r17636 - in data: CVE DSA

Author: jmm
Date: 2011-11-18 21:13:45 +0000 (Fri, 18 Nov 2011)
New Revision: 17636

Modified:
   data/CVE/list
   data/DSA/list
Log:
- gnutls fixed
- asterisk fixed
- start merging Moodle CVE assignments (drop the ones w/o sec impact)


Modified: data/CVE/list
==================================================================---
data/CVE/list	2011-11-18 13:22:24 UTC (rev 17635)
+++ data/CVE/list	2011-11-18 21:13:45 UTC (rev 17636)
@@ -12,7 +12,6 @@
 	RESERVED
 CVE-2011-4456
 	REJECTED
-	TODO: check
 CVE-2011-4455
 	RESERVED
 CVE-2011-4454
@@ -384,36 +383,51 @@
 	RESERVED
 CVE-2011-4293
 	RESERVED
-CVE-2011-4292
+CVE-2011-4292 [MSA-11-0017]
 	RESERVED
-CVE-2011-4291
+	- moodle <not-affected> (Only affects 2.x)
+CVE-2011-4291 [MSA-11-0016]
 	RESERVED
-CVE-2011-4290
+	- moodle <not-affected> (Only affects 2.x)
+CVE-2011-4290 [MSA-11-0015]
 	RESERVED
-CVE-2011-4289
+	- moodle 1.9.9.dfsg2-3
+CVE-2011-4289 [MSA-11-0014]
 	RESERVED
-CVE-2011-4288
+	- moodle <not-affected> (Only affects 2.x)
+CVE-2011-4288 [MSA-11-0013]
 	RESERVED
-CVE-2011-4287
+	- moodle 1.9.9.dfsg2-3
+CVE-2011-4287 [MSA-11-0012]
 	RESERVED
-CVE-2011-4286
+	- moodle <not-affected> (Only affects 2.x)
+CVE-2011-4286 [MSA-11-0011]
 	RESERVED
-CVE-2011-4285
+	- moodle 1.9.9.dfsg2-3
+CVE-2011-4285 [MSA-11-0010]
 	RESERVED
-CVE-2011-4284
+	- moodle <not-affected> (Only affects 2.x)
+CVE-2011-4284 [MSA-11-0009]
 	RESERVED
-CVE-2011-4283
+	- moodle <not-affected> (Only affects 2.x)
+CVE-2011-4283 [MSA-11-0008]
 	RESERVED
-CVE-2011-4282
+	- moodle 1.9.9.dfsg2-3
+CVE-2011-4282 [MSA-11-0007]
 	RESERVED
-CVE-2011-4281
+	- moodle <not-affected> (Only affects 2.x)
+CVE-2011-4281 [MSA-11-0006]
 	RESERVED
-CVE-2011-4280
+	- moodle <not-affected> (Only affects 2.x)
+CVE-2011-4280 [MSA-11-0005]
 	RESERVED
-CVE-2011-4279
+	- moodle <not-affected> (Only affects 2.x)
+CVE-2011-4279 [MSA-11-0004]
 	RESERVED
-CVE-2011-4278
+	- moodle <not-affected> (Only affects 2.x)
+CVE-2011-4278 [MSA-11-0003]
 	RESERVED
+	- moodle 1.9.9.dfsg2-3
 CVE-2011-4277 (Cross-site scripting (XSS) vulnerability in CourseForum
ProjectForum ...)
 	NOT-FOR-US: CourseForum
 CVE-2011-4276
@@ -708,8 +722,6 @@
 	RESERVED
 CVE-2011-4209
 	RESERVED
-CVE-2011-XXXX [MSA-11-0018]
-	- moodle <not-affected> (Only affects 2.x)
 CVE-2011-XXXX [MSA-11-0019]
 	- moodle <not-affected> (Only affects 2.x)
 CVE-2011-XXXX [MSA-11-0020]
@@ -721,23 +733,12 @@
 	- moodle <not-affected> (Only affects 2.x)
 CVE-2011-XXXX [MSA-11-0023]
 	- moodle <not-affected> (Only affects 2.x)
-CVE-2011-XXXX [MSA-11-0024]
-	- moodle 1.9.9.dfsg2-4
-	[squeeze] - moodle 1.9.9.dfsg2-2.1+squeeze2
-CVE-2011-XXXX [MSA-11-0025]
-	- moodle 1.9.9.dfsg2-4
-	[squeeze] - moodle 1.9.9.dfsg2-2.1+squeeze2
-CVE-2011-XXXX [MSA-11-0026]
-	- moodle 1.9.9.dfsg2-4
-	[squeeze] - moodle 1.9.9.dfsg2-2.1+squeeze2
 CVE-2011-XXXX [MSA-11-0027]
 	- moodle <not-affected> (Only affects 2.x)
 CVE-2011-XXXX [MSA-11-0028]
 	- moodle <not-affected> (Only affects 2.x)
 CVE-2011-XXXX [MSA-11-0029]
 	- moodle <not-affected> (Only affects 2.x)
-CVE-2011-XXXX [MSA-11-0030]
-	- moodle <not-affected> (Only affects 2.x)
 CVE-2011-XXXX [MSA-11-0031]
 	- moodle 1.9.9.dfsg2-4
 	[squeeze] - moodle 1.9.9.dfsg2-2.1+squeeze2
@@ -748,17 +749,12 @@
 	- moodle <not-affected> (Only affects 2.x)
 CVE-2011-XXXX [MSA-11-0034]
 	- moodle <not-affected> (Only affects 2.x)
-CVE-2011-XXXX [MSA-11-0035]
-	- moodle <not-affected> (Only affects 2.x)
 CVE-2011-XXXX [MSA-11-0036]
 	- moodle 1.9.9.dfsg2-4
 	[squeeze] - moodle 1.9.9.dfsg2-2.1+squeeze2
 CVE-2011-XXXX [MSA-11-0037]
 	- moodle 1.9.9.dfsg2-4
 	[squeeze] - moodle 1.9.9.dfsg2-2.1+squeeze2
-CVE-2011-XXXX [MSA-11-0038]
-	- moodle 1.9.9.dfsg2-4
-	[squeeze] - moodle 1.9.9.dfsg2-2.1+squeeze2
 CVE-2011-XXXX [MSA-11-0039]
 	- moodle <not-affected> (Only affects 2.x)
 CVE-2011-XXXX [MSA-11-0040]
@@ -941,8 +937,9 @@
 	RESERVED
 CVE-2011-4134
 	RESERVED
-CVE-2011-4133
+CVE-2011-4133 [MSA-11-0002]
 	RESERVED
+	- moodle 1.9.9.dfsg2-3
 CVE-2011-4132
 	RESERVED
 	- linux-2.6 <unfixed>
@@ -960,7 +957,7 @@
 	RESERVED
 CVE-2011-4128
 	RESERVED
-	- gnutls26 <unfixed> (bug #648441)
+	- gnutls26 2.12.14-1 (bug #648441)
 CVE-2011-4127
 	RESERVED
 CVE-2011-4126
@@ -1139,7 +1136,7 @@
 CVE-2011-4065
 	RESERVED
 CVE-2011-4063 (chan_sip.c in the SIP channel driver in Asterisk Open Source
1.8.x ...)
-	- asterisk <unfixed> (bug #647252)
+	- asterisk 1:1.8.7.1~dfsg-1 (bug #647252)
 CVE-2011-4062 (Buffer overflow in the &quot;linux emulation&quot;
support in FreeBSD 7.3 and ...)
 	{DSA-2325-1}
 	- kfreebsd-10 10.0~svn226224-1
@@ -6658,44 +6655,6 @@
 	NOT-FOR-US: Monkey''s Audio
 CVE-2006-7245 (Monkey''s Audio before 4.01b2 allows remote attackers to
cause a denial ...)
 	NOT-FOR-US: Monkey''s Audio
-CVE-2011-XXXX [MSA-11-0017]
-	- moodle <not-affected> (Only affects 2.x)
-CVE-2011-XXXX [MSA-11-0016]
-	- moodle <not-affected> (Only affects 2.x)
-CVE-2011-XXXX [MSA-11-0015]
-	- moodle 1.9.9.dfsg2-3
-	[squeeze] - moodle 1.9.9.dfsg2-2.1+squeeze1
-CVE-2011-XXXX [MSA-11-0014]
-	- moodle <not-affected> (Only affects 2.x)
-CVE-2011-XXXX [MSA-11-0013]
-	- moodle 1.9.9.dfsg2-3
-	[squeeze] - moodle 1.9.9.dfsg2-2.1+squeeze1
-CVE-2011-XXXX [MSA-11-0012]
-	- moodle <not-affected> (Only affects 2.x)
-CVE-2011-XXXX [MSA-11-0011]
-	- moodle 1.9.9.dfsg2-3
-	[squeeze] - moodle 1.9.9.dfsg2-2.1+squeeze1
-CVE-2011-XXXX [MSA-11-0010]
-	- moodle <not-affected> (Only affects 2.x)
-CVE-2011-XXXX [MSA-11-0009]
-	- moodle <not-affected> (Only affects 2.x)
-CVE-2011-XXXX [MSA-11-0008]
-	- moodle 1.9.9.dfsg2-3
-	[squeeze] - moodle 1.9.9.dfsg2-2.1+squeeze1
-CVE-2011-XXXX [MSA-11-0007]
-	- moodle <not-affected> (Only affects 2.x)
-CVE-2011-XXXX [MSA-11-0006]
-	- moodle <not-affected> (Only affects 2.x)
-CVE-2011-XXXX [MSA-11-0005]
-	- moodle <not-affected> (Only affects 2.x)
-CVE-2011-XXXX [MSA-11-0004]
-	- moodle <not-affected> (Only affects 2.x)
-CVE-2011-XXXX [MSA-11-0003]
-	- moodle 1.9.9.dfsg2-3
-	[squeeze] - moodle 1.9.9.dfsg2-2.1+squeeze1
-CVE-2011-XXXX [MSA-11-0002]
-	- moodle 1.9.9.dfsg2-3
-	[squeeze] - moodle 1.9.9.dfsg2-2.1+squeeze1
 CVE-2011-2144 (The eDocument Conversion Actions implementation in IBM Datacap
...)
 	NOT-FOR-US: IBM Datacap Taskmaster Capture
 CVE-2011-2143 (IBM Datacap Taskmaster Capture 8.0.1 before FP1, when Windows
...)

Modified: data/DSA/list
==================================================================---
data/DSA/list	2011-11-18 13:22:24 UTC (rev 17635)
+++ data/DSA/list	2011-11-18 21:13:45 UTC (rev 17636)
@@ -313,6 +313,7 @@
 [16 Jun 2011] DSA-2263-1 movabletype-opensource - several
 	[squeeze] - movabletype-opensource 4.3.5+dfsg-2+squeeze2
 [16 Jun 2011] DSA-2262-1 moodle - several
+	{CVE-2011-4133 CVE-2011-4278 CVE-2011-4283 CVE-2011-4286 CVE-2011-4288
CVE-2011-4290}
 	[squeeze] - moodle 1.9.9.dfsg2-2.1+squeeze1
 [15 Jun 2011] DSA-2261-1 redmine - several
 	[squeeze] - redmine 1.0.1-2
Secure testing commits - Nov 2011 - r17636 - in data: CVE DSA

[Secure-testing-commits] r17636 - in data: CVE DSA
