Author: jmm Date: 2012-03-23 14:17:06 +0000 (Fri, 23 Mar 2012) New Revision: 18742 Modified: data/CVE/list Log: new ffmpeg/libav issues kernel updates Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-03-23 09:14:36 UTC (rev 18741) +++ data/CVE/list 2012-03-23 14:17:06 UTC (rev 18742) @@ -1667,7 +1667,7 @@ TODO: check CVE-2012-1097 RESERVED - - linux-2.6 <unfixed> (low) + - linux-2.6 3.2.10-1 (low) CVE-2012-1096 RESERVED CVE-2012-1095 @@ -2231,6 +2231,8 @@ RESERVED CVE-2012-0858 RESERVED + - libav 4:0.8.1-1 + - ffmpeg <removed> CVE-2012-0857 RESERVED CVE-2012-0856 @@ -2241,6 +2243,8 @@ RESERVED CVE-2012-0853 RESERVED + - libav 4:0.8.1-1 + - ffmpeg <removed> CVE-2012-0852 RESERVED CVE-2012-0851 @@ -2251,6 +2255,8 @@ RESERVED CVE-2012-0848 RESERVED + - libav 4:0.8.1-1 + - ffmpeg <removed> CVE-2012-0847 RESERVED CVE-2012-0846 @@ -5128,8 +5134,6 @@ [wheezy] - linux-2.6 <not-affected> (introduced in 3.2-rc1) [squeeze] - linux-2.6 <not-affected> (introduced in 3.2-rc1) [lenny] - linux-2.6 <not-affected> (introduced in 3.2-rc1) - NOTE: fix is http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=69e4747ee9727d660b88d7e1efe0f4afcb35db1b (queued for 3.3) - NOTE: actually unfixed in experimental, not marked because of version numbering CVE-2012-0057 (PHP before 5.3.9 has improper libxslt security settings, which allows ...) {DSA-2399-1} - php5 5.3.9-1 (bug #656308) @@ -7666,8 +7670,12 @@ - webkit <undetermined> CVE-2011-3952 RESERVED + - libav 4:0.8.1-1 + - ffmpeg <removed> CVE-2011-3951 RESERVED + - libav 4:0.8.1-1 + - ffmpeg <removed> CVE-2011-3950 RESERVED CVE-2011-3949 @@ -7676,10 +7684,14 @@ RESERVED CVE-2011-3947 RESERVED + - libav 4:0.8.1-1 + - ffmpeg <removed> CVE-2011-3946 RESERVED CVE-2011-3945 RESERVED + - libav 4:0.8.1-1 + - ffmpeg <removed> CVE-2011-3944 RESERVED CVE-2011-3943 
@@ -7690,14 +7702,20 @@ RESERVED CVE-2011-3940 RESERVED + - libav 4:0.8.1-1 + - ffmpeg <removed> CVE-2011-3939 RESERVED CVE-2011-3938 RESERVED CVE-2011-3937 RESERVED + - libav 4:0.8.1-1 + - ffmpeg <removed> CVE-2011-3936 RESERVED + - libav 4:0.8.1-1 + - ffmpeg <removed> CVE-2011-3935 RESERVED CVE-2011-3934 @@ -7712,6 +7730,8 @@ RESERVED CVE-2011-3929 RESERVED + - libav 4:0.8.1-1 + - ffmpeg <removed> CVE-2011-3928 (Use-after-free vulnerability in Google Chrome before 16.0.912.77 ...) - chromium-browser 16.0.912.77~r118311-1 - webkit <undetermined> @@ -13710,8 +13730,7 @@ CVE-2011-1833 RESERVED - ecryptfs-utils 92-1 - - linux-2.6 <unfixed> - NOTE: kernel commit 764355487ea220fdc2faf128d577d7f679b91f97 + - linux-2.6 3.1.1-1 NOTE: cannot be fixed in ecryptfs-utils (squeeze, lenny) until kernel fix is in place CVE-2011-1832 RESERVED @@ -19417,7 +19436,7 @@ CVE-2010-4564 RESERVED CVE-2010-4563 (The Linux kernel, when using IPv6, allows remote attackers to ...) - - linux-2.6 <undetermined> + - linux-2.6 <unfixed> (unimportant) NOTE: http://seclists.org/fulldisclosure/2011/Apr/254 CVE-2010-4562 (Microsoft Windows 2008, 7, Vista, 2003, 2000, and XP, when using IPv6, ...) NOT-FOR-US: Microsoft Windows
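Review bot: The `- libav 4:0.8.1-1` and `- ffmpeg <removed>` lines added under CVE-2012-0858 in the `@@ -2231,6 +2231,8 @@` hunk have no NOTE naming the upstream commit or changelog entry that establishes 4:0.8.1-1 as the fixed version. The CVE is still RESERVED, so the entry has no description to check the version against. Suggest adding a NOTE line with the source. The same point applies to the identical pairs added in the later libav hunks.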
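Review bot: In the `@@ -5128,8 +5134,6 @@` hunk, deleting the NOTE that names the git.kernel.org commitdiff removes the only pointer to the upstream fix visible in this entry, while the wheezy, squeeze and lenny `<not-affected>` lines stay unchanged. If only the "actually unfixed in experimental" note has become obsolete, suggest dropping that line alone and keeping the fix reference for later triage.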
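Review bot: In the CVE-2011-1833 hunk (`@@ -13710,8 +13730,7 @@`), the surviving note "cannot be fixed in ecryptfs-utils (squeeze, lenny) until kernel fix is in place" now sits directly under `- linux-2.6 3.1.1-1` and no longer says which kernel fix it means, because the line naming commit 764355487ea220fdc2faf128d577d7f679b91f97 is removed. Suggest keeping the commit NOTE, and rewording the remaining note to say whether the squeeze and lenny kernels are still waiting for the fix.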
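Review bot: The CVE-2010-4563 change in the `@@ -19417,7 +19436,7 @@` hunk moves linux-2.6 from `<undetermined>` to `<unfixed> (unimportant)` without recording why the issue is rated unimportant; the only NOTE on the entry is the seclists.org link. Suggest adding a one-line NOTE with the rationale so the severity can be revisited without rereading the thread.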