Author: joeyh
Date: 2012-05-30 21:14:54 +0000 (Wed, 30 May 2012)
New Revision: 19379
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2012-05-30 18:54:38 UTC (rev 19378)
+++ data/CVE/list 2012-05-30 21:14:54 UTC (rev 19379)
@@ -1,4 +1,29 @@
+CVE-2012-2952 (SQL injection vulnerability in add_ons.php in Jaow 2.4.5 and
earlier ...)
+ TODO: check
+CVE-2012-2951 (SQL injection vulnerability in plog-rss.php in Plogger allows
remote ...)
+ TODO: check
+CVE-2012-2950
+ RESERVED
+CVE-2012-2949 (The ZTE sync_agent program for Android 2.3.4 on the Score M
device ...)
+ TODO: check
+CVE-2012-2948
+ RESERVED
+CVE-2012-2947
+ RESERVED
+CVE-2012-2946
+ RESERVED
+CVE-2012-2945
+ RESERVED
+CVE-2010-5140
+ RESERVED
+CVE-2010-5139
+ RESERVED
+CVE-2010-5138
+ RESERVED
+CVE-2010-5137
+ RESERVED
CVE-2012-2944 [upsd remote crash]
+ RESERVED
- nut <unfixed>
NOTE:
https://alioth.debian.org/tracker/index.php?func=detail&aid=313636&group_id=30602&atid=411542
CVE-2012-2943 (CRLF injection vulnerability in cryptographp.inc.php in
Cryptographp ...)
@@ -2356,16 +2381,13 @@
RESERVED
- puppet 2.7.13-1
[squeeze] - puppet <not-affected> (Only affects 2.7.x)
-CVE-2012-1988
- RESERVED
+CVE-2012-1988 (Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet
...)
{DSA-2451-1}
- puppet 2.7.13-1
-CVE-2012-1987
- RESERVED
+CVE-2012-1987 (Unspecified vulnerability in Puppet 2.6.x before 2.6.15 and
2.7.x ...)
{DSA-2451-1}
- puppet 2.7.13-1
-CVE-2012-1986
- RESERVED
+CVE-2012-1986 (Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet
...)
{DSA-2451-1}
- puppet 2.7.13-1
CVE-2011-5085 (Unspecified vulnerability in Movable Type 4.x before 4.36 and
5.x ...)
@@ -2538,8 +2560,7 @@
RESERVED
CVE-2012-1907 (The scanner engine in PrivaWall Antivirus 5.6 and earlier does
not ...)
NOT-FOR-US: PrivaWall Antivirus
-CVE-2012-1906
- RESERVED
+CVE-2012-1906 (Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet
...)
{DSA-2451-1}
- puppet 2.7.13-1
CVE-2012-1905
@@ -4556,12 +4577,10 @@
NOT-FOR-US: Forward module for Drupal
CVE-2012-1055 (Heap-based buffer overflow in PhotoLine 17.01 and possibly other
...)
NOT-FOR-US: PhotoLine
-CVE-2012-1054
- RESERVED
+CVE-2012-1054 (Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet
...)
{DSA-2419-1}
- puppet 2.7.11-1
-CVE-2012-1053
- RESERVED
+CVE-2012-1053 (The change_user method in the SUIDManager ...)
{DSA-2419-1}
- puppet 2.7.11-1
CVE-2012-1052 (Buffer overflow in IvanView 1.2.15 allows remote attackers to
execute ...)
@@ -5208,8 +5227,7 @@
RESERVED
{DSA-2449-1}
- sqlalchemy 0.6.7-1
-CVE-2012-0804
- RESERVED
+CVE-2012-0804 (Heap-based buffer overflow in the proxy_connect function in ...)
{DSA-2407-1}
- cvs 2:1.12.13+real-7
CVE-2012-0803
@@ -7378,8 +7396,7 @@
CVE-2011-4838 (JRuby before 1.6.5.1 computes hash values without restricting
the ...)
- jruby <unfixed>
[squeeze] - jruby <no-dsa> (Non-free not supported)
-CVE-2012-0220
- RESERVED
+CVE-2012-0220 (Multiple cross-site scripting (XSS) vulnerabilities in the meta
plugin ...)
{DSA-2474-1}
- ikiwiki 3.20120516
CVE-2012-0219 [socat ''xioscan_readline()'' Heap Based Buffer
Overflow Vulnerability]
@@ -13249,8 +13266,7 @@
- chromium-browser 17.0.963.83~r127885-1
CVE-2011-3049 (Google Chrome before 17.0.963.83 does not properly restrict the
...)
- chromium-browser 17.0.963.83~r127885-1
-CVE-2011-3048
- RESERVED
+CVE-2011-3048 (The png_set_text_2 function in pngset.c in libpng 1.0.x before
1.0.59, ...)
{DSA-2446-1}
- libpng 1.2.49-1 (bug #667475)
CVE-2011-3047 (The GPU process in Google Chrome before 17.0.963.79 allows
remote ...)