Author: gilbert-guest Date: 2011-12-16 23:13:42 +0000 (Fri, 16 Dec 2011) New Revision: 17808 Modified: data/CVE/list Log: xorg updates Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-12-16 21:14:23 UTC (rev 17807) +++ data/CVE/list 2011-12-16 23:13:42 UTC (rev 17808) @@ -917,8 +917,14 @@ RESERVED CVE-2011-4613 [X launcher permission bypass] RESERVED - - xorg <unfixed> (bug #652249) + - xorg 1:7.6+10 (low; bug #652249) + [squeeze] - xorg <no-dsa> (an exposure that needs to be combined with other vulnerabilities to have any impact) [lenny] - xorg <not-affected> (Introduced in 1:7.4~4) +CVE-2011-XXXX [X launcher doesn''t drop group privileges] + - xorg 1:7.6+10 (low) + [squeeze] - xorg <no-dsa> (potential privilege handling weakness, no known attack vector) + [lenny] - xorg <no-dsa> (potential privilege handling weakness, no known attack vector) + NOTE: http://anonscm.debian.org/gitweb/?p=pkg-xorg/debian/xorg.git;a=commitdiff;h=e81b3943be75ca6674867fc7756905490e979522 CVE-2011-4612 RESERVED CVE-2011-4611