Secure testing commits - Jan 2012 - r18137 - data/CVE

Author: gilbert-guest
Date: 2012-01-13 02:10:30 +0000 (Fri, 13 Jan 2012)
New Revision: 18137

Modified:
   data/CVE/list
Log:
libav and openssl issues fixed

Modified: data/CVE/list
==================================================================---
data/CVE/list	2012-01-13 01:58:47 UTC (rev 18136)
+++ data/CVE/list	2012-01-13 02:10:30 UTC (rev 18137)
@@ -1858,7 +1858,7 @@
 	RESERVED
 	- linux-2.6 2.6.32-1
 CVE-2012-0027 (The GOST ENGINE in OpenSSL before 1.0.0f does not properly
handle ...)
-	- openssl <unfixed>
+	- openssl 1.0.0f-1
 	[lenny] - openssl <not-affected> (no GOST support)
 	[squeeze] - openssl <not-affected> (no GOST support)
 CVE-2012-0026
@@ -2078,7 +2078,7 @@
 CVE-2011-4620 (Buffer overflow in the ulSetError function in util/ulError.cxx
in PLIB ...)
 	- plib <unfixed> (bug #654785)
 CVE-2011-4619 (The Server Gated Cryptography (SGC) implementation in OpenSSL
before ...)
-	- openssl <unfixed>
+	- openssl 1.0.0f-1 
 CVE-2011-4618
 	RESERVED
 CVE-2011-4617 (virtualenv.py in virtualenv before 1.5 allows local users to
overwrite ...)
@@ -2216,10 +2216,10 @@
 	{DSA-2362-1}
 	- acpid 1:2.0.11-1
 CVE-2011-4577 (OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779
support is ...)
-	- openssl <unfixed> (unimportant)
+	- openssl 1.0.0f-1 (unimportant)
 	NOTE: RFC 3779 support has not been enabled at compile time.
 CVE-2011-4576 (The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x
before ...)
-	- openssl <unfixed>
+	- openssl 1.0.0f-1 
 CVE-2011-4575
 	RESERVED
 CVE-2011-4574
@@ -3580,7 +3580,7 @@
 CVE-2011-4109 (Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when
...)
 	- openssl 1.0.0c-1
 CVE-2011-4108 (The DTLS implementation in OpenSSL before 0.9.8s and 1.x before
1.0.0f ...)
-	- openssl <unfixed> (low; bug #645805)
+	- openssl 1.0.0f-1 (low; bug #645805)
 	NOTE:
http://rt.openssl.org/Ticket/Display.html?id=2625&user=guest&pass=guest
 CVE-2011-4107 (The simplexml_load_string function in the XML import plug-in
...)
 	- phpmyadmin 4:3.4.7.1-1
@@ -4378,7 +4378,7 @@
 	- chromium-browser 15.0.874.121~r109964-1
 	- webkit <not-affected> (Chrome issue)
 	- ffmpeg <removed>
-	- libav <unfixed> (bug #654534; bug #654573)
+	- libav 4:0.8~beta2-1 (bug #654534; bug #654573)
 CVE-2011-3894 (Google Chrome before 15.0.874.120 does not properly perform VP8
...)
 	- chromium-browser 15.0.874.121~r109964-1
 	- webkit <not-affected> (Chrome issue)
@@ -4386,7 +4386,7 @@
 CVE-2011-3893 (Google Chrome before 15.0.874.120 does not properly implement
the MKV ...)
 	- chromium-browser 15.0.874.121~r109964-1
 	- webkit <not-affected> (Chrome issue)
-	- libav <unfixed> (bug #654534; bug #654572)
+	- libav 4:0.8~beta2-1 (bug #654534; bug #654572)
 	- ffmpeg <removed>
 	[squeeze] - chromium-browser <not-affected>
 	NOTE: this is due to http://llvm.org/bugs/show_bug.cgi?id=7554 
@@ -4396,7 +4396,7 @@
 	- chromium-browser 15.0.874.121~r109964-1
 	- webkit <not-affected> (Chrome issue)
 	[squeeze] - chromium-browser <not-affected>
-	- libav <unfixed> (bug #654534; bug #654571)
+	- libav 4:0.8~beta2-1 (bug #654534; bug #654571)
 	- ffmpeg <removed>
 	NOTE: http://src.chromium.org/viewvc/chrome?view=rev&revision=107489
 CVE-2011-3891 (Google Chrome before 15.0.874.102 does not properly restrict
access to ...)