thr3ads.net - Secure testing commits - [Secure-testing-commits] r19240

If this information is useful, please help other people find it:
Share via:
Joey Hess
2012-May-13 21:14 UTC
[Secure-testing-commits] r19240 - data/CVE

Author: joeyh
Date: 2012-05-13 21:14:24 +0000 (Sun, 13 May 2012)
New Revision: 19240

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2012-05-13 20:28:27 UTC (rev 19239)
+++ data/CVE/list	2012-05-13 21:14:24 UTC (rev 19240)
@@ -4056,13 +4056,14 @@
 	RESERVED
 CVE-2012-0947 [Heap-based Buffer Overflow in libavcodec]
 	RESERVED
+	{DSA-2471-1}
 	- libav 6:0.8.2-1
 	- ffmpeg <removed>
 	NOTE: https://bugs.launchpad.net/ubuntu/+source/libav/+bug/980963
 	NOTE: http://www.openwall.com/lists/oss-security/2012/05/03/4
 CVE-2012-0946 (The NVIDIA UNIX driver before 295.40 allows local users to
access ...)
 	- nvidia-graphics-drivers 295.40-1
-    [squeeze] - nvidia-graphics-drivers 195.36.31-6squeeze1
+	[squeeze] - nvidia-graphics-drivers 195.36.31-6squeeze1
 CVE-2012-0945
 	RESERVED
 CVE-2012-0944
@@ -4306,6 +4307,7 @@
 	RESERVED
 CVE-2012-0853
 	RESERVED
+	{DSA-2471-1}
 	- libav 4:0.8.1-1
 	- ffmpeg <removed>
 CVE-2012-0852
@@ -4400,7 +4402,7 @@
 CVE-2012-0824
 	RESERVED
 	- gnusound <removed> (low; bug #654270)
-    [squeeze] - gnusound 0.7.5-3+squeeze1
+	[squeeze] - gnusound 0.7.5-3+squeeze1
 CVE-2012-0823 (VP8 Codec SDK (libvpx) before 1.0.0 &quot;Duclair&quot;
allows remote attackers ...)
 	- libvpx 1.0.0-1
 	[squeeze] - libvpx <not-affected> (Introduced in 0.9.7)
@@ -4432,7 +4434,7 @@
 	- rpm 4.9.1.3-1 (bug #667031)
 CVE-2012-0814 (The auth_parse_options function in auth-options.c in sshd in
OpenSSH ...)
 	- openssh 1:5.6p1-1 (low; bug #657445)
-    [squeeze] - openssh-server 1:5.5p1-6+squeeze2
+	[squeeze] - openssh-server 1:5.5p1-6+squeeze2
 CVE-2012-0813 [wicd cleartext passwords]
 	RESERVED
 	- wicd 1.7.1~b3-4 (unimportant; bug #652417)
@@ -6541,7 +6543,7 @@
 	- openarena 0.8.5-6 (medium; bug #665656)
 	- ioquake3 <not-affected> (fixed before upload)
 	- tremulous 1.1.0-8 (bug #665842)
-    [squeeze] - tremulous 1.1.0-7~squeeze1
+	[squeeze] - tremulous 1.1.0-7~squeeze1
 CVE-2010-5076
 	RESERVED
 	- qt4-x11 4:4.6.3-1
@@ -7686,7 +7688,7 @@
 CVE-2011-4617 (virtualenv.py in virtualenv before 1.5 allows local users to
overwrite ...)
 	- python-virtualenv 1.6-1 (low; bug #652653)
 	[lenny] - python-virtualenv <no-dsa> (Minor issue)
-    [squeeze] - python-virtualenv 1.4.9-3squeeze1
+	[squeeze] - python-virtualenv 1.4.9-3squeeze1
 CVE-2011-4616 (Cross-site scripting (XSS) vulnerability in the
HTML-Template-Pro ...)
 	- libhtml-template-pro-perl 0.9507-1 (low; bug #652587)
 	[squeeze] - libhtml-template-pro-perl 0.9502-1+squeeze1
@@ -9264,7 +9266,7 @@
 CVE-2011-4099
 	RESERVED
 	- libcap2 1:2.22-1 (low)
-    [squeeze] - libcap2 1:2.19-3
+	[squeeze] - libcap2 1:2.19-3
 CVE-2011-4098
 	RESERVED
 CVE-2011-4097
@@ -9908,6 +9910,7 @@
 	RESERVED
 CVE-2011-3947
 	RESERVED
+	{DSA-2471-1}
 	- libav 4:0.8.1-1
 	- ffmpeg <removed>
 CVE-2011-3946
@@ -9926,6 +9929,7 @@
 	RESERVED
 CVE-2011-3940
 	RESERVED
+	{DSA-2471-1}
 	- libav 4:0.8.1-1
 	- ffmpeg <removed>
 CVE-2011-3939
@@ -9938,6 +9942,7 @@
 	- ffmpeg <removed>
 CVE-2011-3936
 	RESERVED
+	{DSA-2471-1}
 	- libav 4:0.8.1-1
 	- ffmpeg <removed>
 CVE-2011-3935
@@ -9954,6 +9959,7 @@
 	RESERVED
 CVE-2011-3929
 	RESERVED
+	{DSA-2471-1}
 	- libav 4:0.8.1-1
 	- ffmpeg <removed>
 CVE-2011-3928 (Use-after-free vulnerability in Google Chrome before 16.0.912.77
...)
@@ -10072,6 +10078,7 @@
 	- webkit <not-affected> (Chrome issue)
 	[squeeze] - chromium-browser <not-affected>
 CVE-2011-3895 (Heap-based buffer overflow in the Vorbis decoder in Google
Chrome ...)
+	{DSA-2471-1}
 	- chromium-browser 15.0.874.121~r109964-1
 	- webkit <not-affected> (Chrome issue)
 	- ffmpeg <removed>
@@ -10081,6 +10088,7 @@
 	- webkit <not-affected> (Chrome issue)
 	[squeeze] - chromium-browser <not-affected>
 CVE-2011-3893 (Google Chrome before 15.0.874.120 does not properly implement
the MKV ...)
+	{DSA-2471-1}
 	- chromium-browser 15.0.874.121~r109964-1
 	- webkit <not-affected> (Chrome issue)
 	- libav 4:0.8~beta2-1 (bug #654534; bug #654572)
@@ -10090,6 +10098,7 @@
 	NOTE: http://src.chromium.org/viewvc/chrome?view=rev&revision=106599
 	NOTE: http://src.chromium.org/viewvc/chrome?view=rev&revision=106621
 CVE-2011-3892 (Double free vulnerability in the Theora decoder in Google Chrome
...)
+	{DSA-2471-1}
 	- chromium-browser 15.0.874.121~r109964-1
 	- webkit <not-affected> (Chrome issue)
 	[squeeze] - chromium-browser <not-affected>
@@ -10924,11 +10933,11 @@
 CVE-2011-3598 (Multiple cross-site scripting (XSS) vulnerabilities in
phpPgAdmin ...)
 	- phppgadmin 5.0.3-1 (low; bug #644290)
 	[squeeze] - phppgadmin 4.2.3-1.1squeeze1
-    [lenny] - phppgadmin 4.2.2-1lenny1
+	[lenny] - phppgadmin 4.2.2-1lenny1
 CVE-2011-3597 (Eval injection in the Digest module before 1.17 for Perl allows
...)
 	- libdigest-perl 1.17-1 (low; bug #644108)
 	[squeeze] - libdigest-perl 1.16-1+squeeze1
-    [lenny] - libdigest-perl 1.15-2+lenny1
+	[lenny] - libdigest-perl 1.15-2+lenny1
 	- perl 5.12.4-6 (low; bug #644108)
 	[squeeze] - perl 5.10.1-17squeeze3
 	[lenny] - perl <no-dsa> (Minor issue)
@@ -10986,7 +10995,7 @@
 	RESERVED
 	- typo3-src 4.5.6+dfsg1-1 (low; bug #641683)
 	[squeeze] - typo3-src 4.3.9+dfsg1-1+squeeze2
-    [lenny] - typo3-src 4.2.5-1+lenny9
+	[lenny] - typo3-src 4.2.5-1+lenny9
 CVE-2011-3583 [TYPO3-SA-2011-002]
 	RESERVED
 	- typo3-src 4.5.6+dfsg1-1 (low; bug #641682)
@@ -12587,7 +12596,7 @@
 	[squeeze] - openarena <no-dsa> (Minor issue, will be fixed in point
update)
 	- ioquake3 1.36+svn1946-4
 	- tremulous 1.1.0-6 (bug #660836)
-    [squeeze] - tremulous 1.1.0-7~squeeze1
+	[squeeze] - tremulous 1.1.0-7~squeeze1
 CVE-2011-3011 (BaseServiceImpl.class in CA ARCserve D2D r15 does not properly
handle ...)
 	NOT-FOR-US: CA ARCserve D2D
 CVE-2011-3010 (Multiple cross-site scripting (XSS) vulnerabilities in TWiki
before ...)
@@ -13536,7 +13545,7 @@
 	[squeeze] - openarena 0.8.5-5+squeeze1
 	- ioquake3 1.36+svn1946-4
 	- tremulous 1.1.0-6 (bug #660836)
-    [squeeze] - tremulous 1.1.0-7~squeeze1
+	[squeeze] - tremulous 1.1.0-7~squeeze1
 CVE-2011-2763 (The web interface on the LifeSize Room appliance LS_RM1_3.5.3
(11) and ...)
 	NOT-FOR-US: LifeSize Room appliance
 CVE-2011-2762 (The web interface on the LifeSize Room appliance LS_RM1_3.5.3
(11) ...)
@@ -13637,7 +13646,7 @@
 	RESERVED
 	- kdeutils 4:4.6.5-4 (low; bug #635541)
 	[lenny] - kdeutils <no-dsa> (Minor issue)
-    [squeeze] - kdeutils 4:4.4.5-1+squeeze1
+	[squeeze] - kdeutils 4:4.4.5-1+squeeze1
 CVE-2011-2724 (The check_mtab function in client/mount.cifs.c in mount.cifs in
smbfs ...)
 	- samba 2:3.4.7~dfsg-2 (low)
 	- cifs-utils 2:5.1-1 (low)
@@ -16278,7 +16287,7 @@
 CVE-2011-1784 (The pidfile_write function in core/pidfile.c in keepalived 1.2.2
and ...)
 	- keepalived 1:1.2.2-2 (low; bug #626281)
 	[lenny] - keepalived <no-dsa> (Minor issue)
-    [squeeze] - keepalived 1:1.1.20-1+squeeze1
+	[squeeze] - keepalived 1:1.1.20-1+squeeze1
 CVE-2011-1783 (The mod_dav_svn module for the Apache HTTP Server, as
distributed in ...)
 	{DSA-2251-1}
 	- subversion 1.6.17dfsg-1
@@ -90719,11 +90728,11 @@
 CVE-2006-3325 (client/cl_parse.c in the id3 Quake 3 Engine 1.32c and the
Icculus ...)
 	- ioquake3 1.36+svn1788j-1
 	- tremulous 1.1.0-6 (bug #660834)
-    [squeeze] - tremulous 1.1.0-7~squeeze1
+	[squeeze] - tremulous 1.1.0-7~squeeze1
 CVE-2006-3324 (The Automatic Downloading option in the id3 Quake 3 Engine and
the ...)
 	- ioquake3 1.36+svn1788j-1
 	- tremulous 1.1.0-6 (bug #660832)
-    [squeeze] - tremulous 1.1.0-7~squeeze1
+	[squeeze] - tremulous 1.1.0-7~squeeze1
 CVE-2006-3323 (PHP remote file inclusion vulnerability in admin/admin.php in MF
...)
 	NOT-FOR-US: MF Piadas
 CVE-2006-3322 (SQL injection vulnerability in includes/functions_logging.php in
...)
@@ -91702,7 +91711,7 @@
 	NOT-FOR-US: PHP Pro Publish
 CVE-2006-2875 (Stack-based buffer overflow in the CL_ParseDownload function of
Quake ...)
 	- tremulous 1.1.0-6 (bug #660827)
-    [squeeze] - tremulous 1.1.0-7~squeeze1
+	[squeeze] - tremulous 1.1.0-7~squeeze1
 	- ioquake3 1.36+svn1788j-1
 CVE-2006-2874 (Unspecified vulnerability in OSADS Alliance Database before 1.4
has ...)
 	NOT-FOR-US: OSADS
@@ -93222,7 +93231,7 @@
 	- awstats 6.5-2 (bug #365909; bug #365910; medium)
 CVE-2006-2236 (Buffer overflow in the Quake 3 Engine, as used by (1) ET 2.60,
(2) ...)
 	- tremulous 1.1.0-6 (bug #660827)
-    [squeeze] - tremulous 1.1.0-7~squeeze1
+	[squeeze] - tremulous 1.1.0-7~squeeze1
 	- ioquake3 1.36+svn1788j-1
 CVE-2006-2235 (CodeMunkyX (aka free-php.net) Simple Poll 1.0, when
authentication is ...)
 	NOT-FOR-US: Simple Poll
@@ -93582,7 +93591,7 @@
 CVE-2006-2082 (Directory traversal vulnerability in Quake 3 engine, as used in
...)
 	- ioquake3 1.36+svn1788j-1
 	- tremulous 1.1.0-6 (bug #660831)
-    [squeeze] - tremulous 1.1.0-7~squeeze1
+	[squeeze] - tremulous 1.1.0-7~squeeze1
 CVE-2006-2081 (Oracle Database Server 10g Release 2 allows local users to
execute ...)
 	NOT-FOR-US: Oracle
 CVE-2006-2080 (SQL injection vulnerability in portfolio_photo_popup.php in
Verosky ...)
Secure testing commits - May 2012 - r19240 - data/CVE

[Secure-testing-commits] r19240 - data/CVE
