thr3ads.net - Secure testing commits - [Secure-testing-commits] r18271

If this information is useful, please help other people find it:
Share via:

Moritz Muehlenhoff

2012-Jan-24 15:58 UTC

[Secure-testing-commits] r18271 - data/CVE

Author: jmm
Date: 2012-01-24 15:58:40 +0000 (Tue, 24 Jan 2012)
New Revision: 18271

Modified:
   data/CVE/list
Log:
bind fixed
rewrite two older 9.8-only issues


Modified: data/CVE/list
==================================================================---
data/CVE/list	2012-01-24 15:21:28 UTC (rev 18270)
+++ data/CVE/list	2012-01-24 15:58:40 UTC (rev 18271)
@@ -3892,8 +3892,7 @@
 	RESERVED
 CVE-2011-4313 (query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through
9.4-ESV-R5, ...)
 	{DSA-2347-1}
-	- bind9 <unfixed> (high; bug #649099)
-	NOTE: http://www.isc.org/software/bind/advisories/cve-2011-4313
+	- bind9 1:9.8.1.dfsg.P1-1 (high; bug #649099)
 CVE-2011-4312 (Multiple cross-site scripting (XSS) vulnerabilities in the
commenting ...)
 	NOT-FOR-US: Review Board
 CVE-2011-4311 (ResourceSpace before 4.2.2833 does not properly validate access
keys, ...)
@@ -9499,7 +9498,9 @@
 CVE-2011-2466
 	RESERVED
 CVE-2011-2465 (Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1,
9.8.0-P2, and ...)
-	- bind9 <not-affected> (Only affects 9.8, which hasn''t been
uploaded yet)
+	- bind9 1:9.8.1.dfsg.P1-1
+	[squeeze] - bind9 <not-affected> (Only affects 9.8)
+	[lenny] - bind9 <not-affected> (Only affects 9.8)
 CVE-2011-2464 (Unspecified vulnerability in ISC BIND 9 9.6.x before
9.6-ESV-R4-P3, ...)
 	{DSA-2272-1}
 	- bind9 1:9.8.1.dfsg-1 (high)
@@ -11046,8 +11047,9 @@
 	[squeeze] - fglrx-driver <no-dsa> (Non-free not supported)
 	[lenny] - fglrx-driver <no-dsa> (Non-free not supported)
 CVE-2011-1907 (ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ)
RRset ...)
-	- bind9 <not-affected> (Only affects 9.8.0, never uploaded to the
archive)
-	NOTE: https://www.isc.org/CVE-2011-1907
+	- bind9 1:9.8.1.dfsg.P1-1
+	[squeeze] - bind9 <not-affected> (Only affects 9.8.0)
+	[lenny] - bind9 <not-affected> (Only affects 9.8.0)
 CVE-2011-1765 (Cross-site scripting (XSS) vulnerability in MediaWiki before
1.16.5, ...)
 	- mediawiki <not-affected> (Incomplete fix was never released for
Debian, neither in sid, nor oldstable/stable)
 	NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=28534

Secure testing commits - Jan 2012 - r18271 - data/CVE

[Secure-testing-commits] r18271 - data/CVE