Author: jmm Date: 2012-02-13 08:39:34 +0000 (Mon, 13 Feb 2012) New Revision: 18427 Modified: data/CVE/list data/next-point-update.txt Log: many new mysql issues :-/ shadow fixed eglibc timezone overflow fixed in spu upload Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-02-12 22:22:22 UTC (rev 18426) +++ data/CVE/list 2012-02-13 08:39:34 UTC (rev 18427) @@ -1202,31 +1202,31 @@ CVE-2012-0497 RESERVED CVE-2012-0496 (Unspecified vulnerability in the MySQL Server component in Oracle ...) - TODO: check + - mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental) CVE-2012-0495 (Unspecified vulnerability in the MySQL Server component in Oracle ...) - TODO: check + - mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental) CVE-2012-0494 (Unspecified vulnerability in the MySQL Server component in Oracle ...) - TODO: check + - mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental) CVE-2012-0493 (Unspecified vulnerability in the MySQL Server component in Oracle ...) - TODO: check + - mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental) CVE-2012-0492 (Unspecified vulnerability in the MySQL Server component in Oracle ...) - TODO: check + - mysql-5.1 <unfixed> (bug #659687) CVE-2012-0491 (Unspecified vulnerability in the MySQL Server component in Oracle ...) - TODO: check + - mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental) CVE-2012-0490 (Unspecified vulnerability in the MySQL Server component in Oracle ...) - TODO: check + - mysql-5.1 <unfixed> (bug #659687) CVE-2012-0489 (Unspecified vulnerability in the MySQL Server component in Oracle ...) - TODO: check + - mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental) CVE-2012-0488 (Unspecified vulnerability in the MySQL Server component in Oracle ...) - TODO: check + - mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental) CVE-2012-0487 (Unspecified vulnerability in the MySQL Server component in Oracle ...) - TODO: check + - mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental) CVE-2012-0486 (Unspecified vulnerability in the MySQL Server component in Oracle ...) - TODO: check + - mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental) CVE-2012-0485 (Unspecified vulnerability in the MySQL Server component in Oracle ...) - TODO: check + - mysql-5.1 <unfixed> (bug #659687) CVE-2012-0484 (Unspecified vulnerability in the MySQL Server component in Oracle ...) - TODO: check + - mysql-5.1 <unfixed> (bug #659687) CVE-2012-0483 RESERVED CVE-2012-0482 @@ -2806,23 +2806,23 @@ CVE-2011-XXXX [bokken: insecure tempfile] - bokken 1.5-3 (bug #651931) CVE-2012-0120 (Unspecified vulnerability in the MySQL Server component in Oracle ...) - TODO: check + - mysql-5.1 <unfixed> (bug #659687) CVE-2012-0119 (Unspecified vulnerability in the MySQL Server component in Oracle ...) - TODO: check + - mysql-5.1 <unfixed> (bug #659687) CVE-2012-0118 (Unspecified vulnerability in the MySQL Server component in Oracle ...) - TODO: check + - mysql-5.1 <unfixed> (bug #659687) CVE-2012-0117 (Unspecified vulnerability in the MySQL Server component in Oracle ...) - TODO: check + - mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental) CVE-2012-0116 (Unspecified vulnerability in the MySQL Server component in Oracle ...) - TODO: check + - mysql-5.1 <unfixed> (bug #659687) CVE-2012-0115 (Unspecified vulnerability in the MySQL Server component in Oracle ...) - TODO: check + - mysql-5.1 <unfixed> (bug #659687) CVE-2012-0114 (Unspecified vulnerability in the MySQL Server component in Oracle ...) - TODO: check + - mysql-5.1 <unfixed> (bug #659687) CVE-2012-0113 (Unspecified vulnerability in the MySQL Server component in Oracle ...) - TODO: check + - mysql-5.1 <unfixed> (bug #659687) CVE-2012-0112 (Unspecified vulnerability in the MySQL Server component in Oracle ...) - TODO: check + - mysql-5.1 <unfixed> (bug #659687) CVE-2012-0111 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...) TODO: check CVE-2012-0110 (Unspecified vulnerability in the Oracle Outside In Technology ...) @@ -2842,9 +2842,9 @@ CVE-2012-0103 (Unspecified vulnerability in Oracle Solaris 11 Express allows local ...) NOT-FOR-US: Oracle Solaris Kernel CVE-2012-0102 (Unspecified vulnerability in the MySQL Server component in Oracle ...) - TODO: check + - mysql-5.1 <unfixed> (bug #659687) CVE-2012-0101 (Unspecified vulnerability in the MySQL Server component in Oracle ...) - TODO: check + - mysql-5.1 <unfixed> (bug #659687) CVE-2012-0100 (Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express ...) TODO: check CVE-2012-0099 (Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express ...) @@ -2872,7 +2872,7 @@ CVE-2012-0088 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...) NOT-FOR-US: Oracle PeopleSoft Products CVE-2012-0087 (Unspecified vulnerability in the MySQL Server component in Oracle ...) - TODO: check + - mysql-5.1 <unfixed> (bug #659687) CVE-2012-0086 RESERVED CVE-2012-0085 (Unspecified vulnerability in the Oracle WebCenter Content component in ...) @@ -2896,7 +2896,7 @@ CVE-2012-0076 (Unspecified vulnerability in the PeopleSoft Enterprise HCM component ...) NOT-FOR-US: Oracle PeopleSoft Products CVE-2012-0075 (Unspecified vulnerability in the MySQL Server component in Oracle ...) - TODO: check + - mysql-5.1 <unfixed> (bug #659687) CVE-2012-0074 (Unspecified vulnerability in the PeopleSoft Enterprise CRM component ...) NOT-FOR-US: Oracle PeopleSoft Products CVE-2012-0073 (Unspecified vulnerability in the Oracle Forms component in Oracle ...) @@ -10481,7 +10481,7 @@ CVE-2011-2263 (Unspecified vulnerability in Sun Integrated Lights Out Manager in ...) NOT-FOR-US: Oracle SysFW CVE-2011-2262 (Unspecified vulnerability in the MySQL Server component in Oracle ...) - TODO: check + - mysql-5.1 <unfixed> (bug #659687) CVE-2011-2261 (Unspecified vulnerability in the Oracle Secure Backup component in ...) NOT-FOR-US: Oracle Secure Backup CVE-2011-2260 (Unspecified vulnerability in the Oracle GlassFish Server component in ...) @@ -10755,7 +10755,7 @@ [squeeze] - linux-2.6 2.6.32-36 CVE-2005-4890 [login: tty hijacking possible in "su" via TIOCSTI ioctl] RESERVED - - shadow <unfixed> (low; bug #628843) + - shadow 1:4.1.5-1 (low; bug #628843) [squeeze] - shadow <no-dsa> (Minor issue) [lenny] - shadow <no-dsa> (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=173008 @@ -17522,6 +17522,7 @@ CVE-2009-5029 [glibc heap overflow] RESERVED - eglibc 2.13-24 (low; bug #656108) + [squeeze] - eglibc <no-dsa> (Will be fixed in next point update) - glibc <removed> NOTE: http://support.novell.com/security/cve/CVE-2009-5029.html NOTE: https://bugzilla.novell.com/show_bug.cgi?id=735850 Modified: data/next-point-update.txt ==================================================================--- data/next-point-update.txt 2012-02-12 22:22:22 UTC (rev 18426) +++ data/next-point-update.txt 2012-02-13 08:39:34 UTC (rev 18427) @@ -2,5 +2,8 @@ [squeeze] - python-virtualenv 1.4.9-3squeeze1 CVE-2012-0824 [squeeze] - gnusound 0.7.5-3+squeeze1 +CVE-2009-5029 + [squeeze] - eglibc 2.11.3-3 +