Author: jmm Date: 2012-07-12 08:15:20 +0000 (Thu, 12 Jul 2012) New Revision: 19724 Modified: data/CVE/list Log: automakes fixed mono fixed openjpeg fixed libgc fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-07-11 23:18:29 UTC (rev 19723) +++ data/CVE/list 2012-07-12 08:15:20 UTC (rev 19724) @@ -1179,13 +1179,13 @@ RESERVED - automake <unfixed> [squeeze] - automake <no-dsa> (Minor issue) - - automake1.10 <unfixed> + - automake1.10 1:1.10.3-3 [squeeze] - automake1.10 <no-dsa> (Minor issue) - - automake1.11 <unfixed> (bug #681097) + - automake1.11 1:1.11.6-1 (bug #681097) [squeeze] - automake1.11 <no-dsa> (Minor issue) - automake1.7 <unfixed> [squeeze] - automake1.7 <no-dsa> (Minor issue) - - automake1.9 <unfixed> + - automake1.9 1.9.6+nogfdl-4 [squeeze] - automake1.9 <no-dsa> (Minor issue) CVE-2012-3385 [WordPress information disclosure] RESERVED @@ -1204,7 +1204,7 @@ NOTE: http://www.openwall.com/lists/oss-security/2012/07/08/1 CVE-2012-3382 [XSS in a Mono System.web error page] RESERVED - - mono <unfixed> (bug #681095) + - mono 2.10.8.1-5 (bug #681095) NOTE: https://bugzilla.novell.com/show_bug.cgi?id=769799 NOTE: https://github.com/mono/mono/commit/d16d4623edb210635bec3ca3786481b82cde25a2 CVE-2012-3381 [sblim-sfcb: insecure LD_LIBRARY_PATH usage] @@ -1296,7 +1296,7 @@ RESERVED CVE-2012-3358 [Openjpeg: heap-buffer overflow when processing JPEG2000 image files] RESERVED - - openjpeg <unfixed> (bug #681075) + - openjpeg 1.3+dfsg-4.4 (bug #681075) NOTE: http://www.openwall.com/lists/oss-security/2012/07/11/1 NOTE: Upstream patch: http://code.google.com/p/openjpeg/source/detail?r=1727 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=835767 @@ -2775,7 +2775,7 @@ NOT-FOR-US: Android libc CVE-2012-2673 RESERVED - - libgc <unfixed> (bug #677195) + - libgc 1:7.1-9 (bug #677195) CVE-2012-2672 (Oracle Mojarra 2.1.7 does not properly "clean up" the FacesContext ...) - mojarra <not-affected> (Only affected in combination with EAP6/AS7 application servers, bug #677194) CVE-2012-2671 (The Rack::Cache rubygem 0.3.0 through 1.1 caches Set-Cookie and other ...)