Author: jmm Date: 2012-02-16 09:21:55 +0000 (Thu, 16 Feb 2012) New Revision: 18453 Modified: data/CVE/list Log: new Java issues, three of them w/o details :-/ Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-02-16 08:21:48 UTC (rev 18452) +++ data/CVE/list 2012-02-16 09:21:55 UTC (rev 18453) @@ -1487,28 +1487,58 @@ RESERVED CVE-2012-0508 RESERVED + - openjdk-6 <not-affected> (JavaFX not part of OpenJDK) + - openjdk-7 <not-affected> (JavaFX not part of OpenJDK) + - sun-java6 <removed> CVE-2012-0507 RESERVED CVE-2012-0506 RESERVED + - openjdk-6 <unfixed> + - openjdk-7 <unfixed> + - sun-java6 <removed> CVE-2012-0505 RESERVED CVE-2012-0504 RESERVED + - openjdk-6 <not-affected> (Only applies to the Windows-specific update tool) + - openjdk-7 <not-affected> (Only applies to the Windows-specific update tool) + - sun-java6 <not-affected> (Only applies to the Windows-specific update tool) CVE-2012-0503 RESERVED + - openjdk-6 <unfixed> + - openjdk-7 <unfixed> + - sun-java6 <removed> CVE-2012-0502 RESERVED + - openjdk-6 <unfixed> + - openjdk-7 <unfixed> + - sun-java6 <removed> CVE-2012-0501 RESERVED + - openjdk-6 <unfixed> + - openjdk-7 <unfixed> + - sun-java6 <removed> CVE-2012-0500 RESERVED + - openjdk-6 <unfixed> + - openjdk-7 <unfixed> + - sun-java6 <removed> CVE-2012-0499 RESERVED + - openjdk-6 <unfixed> + - openjdk-7 <unfixed> + - sun-java6 <removed> CVE-2012-0498 RESERVED -CVE-2012-0497 + - openjdk-6 <unfixed> + - openjdk-7 <unfixed> + - sun-java6 <removed> +CVE-2012-0497 [OpenJDK: insufficient checking of the graphics rendering object] RESERVED + - openjdk-6 <unfixed> + - openjdk-7 <unfixed> + - sun-java6 <removed> CVE-2012-0496 (Unspecified vulnerability in the MySQL Server component in Oracle ...) - mysql-5.1 <not-affected> (Only affects MySQL 5.5 from experimental) CVE-2012-0495 (Unspecified vulnerability in the MySQL Server component in Oracle ...) @@ -2144,6 +2174,9 @@ CVE-2011-5036 (Rack before 1.1.3, 1.2.x before 1.2.5, and 1.3.x before 1.3.6 computes ...) - ruby-rack <unfixed> (bug #653962) CVE-2011-5035 (Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications ...) + - openjdk-6 <unfixed> + - openjdk-7 <unfixed> + - sun-java6 <removed> - glassfish <unfixed> (bug #653964) CVE-2011-5034 (Apache Geronimo 2.2.1 and earlier computes hash values for form ...) TODO: check @@ -3143,7 +3176,7 @@ - mysql-5.1 <unfixed> (bug #659687) CVE-2012-0111 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...) - virtualbox 4.1.8-dfsg-1 (bug #659950) - [squeeze] - virtualbox <not-affected> + [squeeze] - virtualbox <not-affected> (Vulnerable code not present, see #659950) CVE-2012-0110 (Unspecified vulnerability in the Oracle Outside In Technology ...) NOT-FOR-US: Oracle Fusion Middleware CVE-2012-0109 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express ...) @@ -3156,7 +3189,7 @@ RESERVED CVE-2012-0105 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...) - virtualbox-guest-additions-iso 4.1.8-1 (bug #659951) - [squeeze] - virtualbox-guest-additions-iso <not-affected> + [squeeze] - virtualbox-guest-additions-iso <not-affected> (Vulnerable code not present, see #659950) CVE-2012-0104 (Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.0.1 ...) TODO: check CVE-2012-0103 (Unspecified vulnerability in Oracle Solaris 11 Express allows local ...) @@ -7054,7 +7087,10 @@ CVE-2011-3572 RESERVED CVE-2011-3571 (Unspecified vulnerability in the Virtual Desktop Infrastructure (VDI) ...) - TODO: check + - openjdk-6 <unfixed> + - openjdk-7 <unfixed> + - sun-java6 <removed> + NOTE: CVE description is wrong CVE-2011-3570 (Unspecified vulnerability in Oracle Communications Unified 7.0 allows ...) NOT-FOR-US: Oracle Communications Unified CVE-2011-3569 (Unspecified vulnerability in the Oracle Web Services Manager component ...)