Author: fw
Date: 2012-01-04 20:59:29 +0000 (Wed, 04 Jan 2012)
New Revision: 18028
Modified:
data/CVE/list
Log:
OpenSSL issues
Modified: data/CVE/list
==================================================================---
data/CVE/list 2012-01-04 20:28:33 UTC (rev 18027)
+++ data/CVE/list 2012-01-04 20:59:29 UTC (rev 18028)
@@ -1329,8 +1329,9 @@
RESERVED
CVE-2012-0028
RESERVED
-CVE-2012-0027
+CVE-2012-0027 [Invalid GOST parameters DoS Attack in OpenSSL]
RESERVED
+ - openssl <unfixed>
CVE-2012-0026
RESERVED
CVE-2012-0025
@@ -1548,8 +1549,9 @@
- linux-2.6 <unfixed>
CVE-2011-4620 (Buffer overflow in the ulSetError function in util/ulError.cxx
in PLIB ...)
TODO: check
-CVE-2011-4619
+CVE-2011-4619 [SGC Restart DoS Attack in OpenSSL]
RESERVED
+ - openssl <unfixed>
CVE-2011-4618
RESERVED
CVE-2011-4617 (virtualenv.py in virtualenv before 1.5 allows local users to
overwrite ...)
@@ -1685,10 +1687,13 @@
RESERVED
{DSA-2362-1}
- acpid 1:2.0.11-1
-CVE-2011-4577
+CVE-2011-4577 [Malformed RFC 3779 Data Can Cause Assertion Failures in OpenSSL]
RESERVED
-CVE-2011-4576
+ - openssl <unfixed> (unimportant)
+ NOTE: RFC 3779 support has not been enabled at compile time.
+CVE-2011-4576 [Uninitialized SSL 3.0 Padding in OpenSSL]
RESERVED
+ - openssl <unfixed>
CVE-2011-4575
RESERVED
CVE-2011-4574
@@ -3046,10 +3051,12 @@
CVE-2011-4110
RESERVED
- linux-2.6 3.1.4-1
-CVE-2011-4109
+CVE-2011-4109 [Double-free in Policy Checks in OpenSSL]
RESERVED
-CVE-2011-4108
+ - openssl <unfixed>
+CVE-2011-4108 [DTLS Plaintext Recovery Attack in OpenSSL]
RESERVED
+ - openssl <unfixed>
CVE-2011-4107 (The simplexml_load_string function in the XML import plug-in
...)
- phpmyadmin 4:3.4.7.1-1
[lenny] - phpmyadmin <not-affected> (Vulerable code not present)