Author: jmm
Date: 2012-04-10 14:07:34 +0000 (Tue, 10 Apr 2012)
New Revision: 18908
Modified:
data/CVE/list
Log:
- keystone fixed (not in stable)
- iproute fixed and non-issue
- libpgjava not affected
Modified: data/CVE/list
==================================================================---
data/CVE/list 2012-04-10 13:40:35 UTC (rev 18907)
+++ data/CVE/list 2012-04-10 14:07:34 UTC (rev 18908)
@@ -1241,8 +1241,7 @@
RESERVED
CVE-2012-1618 [jdbc pgsql SQL injection]
RESERVED
- - libpgjava <unfixed>
- TODO: check
+ - libpgjava <not-affected> (Even the version in oldstable had 8.2)
CVE-2012-1617
RESERVED
CVE-2012-1616
@@ -1368,8 +1367,7 @@
- gnutls28 3.0.17-2 (high)
CVE-2012-1572
RESERVED
- - keystone <unfixed>
- TODO: check
+ - keystone 2012.1~rc2-1
CVE-2012-1571 [CDF crasher bugs in file, found by CERT/CC BFF tool]
RESERVED
{DSA-2422-1}
@@ -2541,8 +2539,8 @@
NOT-FOR-US: Apache Wicket
CVE-2012-1088
RESERVED
- - iproute <unfixed>
- TODO: check
+ - iproute 20120319-1 (unimportant)
+ NOTE: 1st issue only exploitable at build time / 2nd issue just example script
in iproute-doc
CVE-2012-1087 (Cross-site scripting (XSS) vulnerability in the Post data
records to ...)
NOT-FOR-US: bc_post2facebook extension for TYPO3
CVE-2012-1086 (Cross-site scripting (XSS) vulnerability in the UrlTool
(aeurltool) ...)