Secure testing commits - Jul 2012 - r19734 - data/CVE

Author: fgeek-guest
Date: 2012-07-13 10:31:17 +0000 (Fri, 13 Jul 2012)
New Revision: 19734

Modified:
   data/CVE/list
Log:
New libexif issues CVE-2012-2812, CVE-2012-2813, CVE-2012-2814, CVE-2012-2836,
CVE-2012-2837, CVE-2012-2840, CVE-2012-2841, CVE-2012-2845

Modified: data/CVE/list
==================================================================---
data/CVE/list	2012-07-12 21:14:21 UTC (rev 19733)
+++ data/CVE/list	2012-07-13 10:31:17 UTC (rev 19734)
@@ -2476,6 +2476,11 @@
 	RESERVED
 CVE-2012-2845
 	RESERVED
+	- libexif <unfixed> (bug #681454)
+	TODO: check if Debian is affected
+	NOTE: Marcus Meissner said CVE-2012-2845 is actually for "exif", the
commandline tool. Not the library libexif
+	NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229
+	NOTE: http://seclists.org/oss-sec/2012/q3/74
 CVE-2012-2844
 	RESERVED
 	- chromium-browser <unfixed>
@@ -2487,16 +2492,28 @@
 	- chromium-browser <unfixed>
 CVE-2012-2841
 	RESERVED
+	- libexif <unfixed> (bug #681454)
+	NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229
+	NOTE: http://seclists.org/oss-sec/2012/q3/74
 CVE-2012-2840
 	RESERVED
+	- libexif <unfixed> (bug #681454)
+	NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229
+	NOTE: http://seclists.org/oss-sec/2012/q3/74
 CVE-2012-2839
 	RESERVED
 CVE-2012-2838
 	RESERVED
 CVE-2012-2837
 	RESERVED
+	- libexif <unfixed> (bug #681454)
+	NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229
+	NOTE: http://seclists.org/oss-sec/2012/q3/74
 CVE-2012-2836
 	RESERVED
+	- libexif <unfixed> (bug #681454)
+	NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229
+	NOTE: http://seclists.org/oss-sec/2012/q3/74
 CVE-2012-2835
 	RESERVED
 CVE-2012-2834 (Integer overflow in Google Chrome before 20.0.1132.43 allows
remote ...)
@@ -2541,10 +2558,19 @@
 	- chromium-browser 20.0.1132.43~r143823-1
 CVE-2012-2814
 	RESERVED
+	- libexif <unfixed> (bug #681454)
+	NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229
+	NOTE: http://seclists.org/oss-sec/2012/q3/74
 CVE-2012-2813
 	RESERVED
+	- libexif <unfixed> (bug #681454)
+	NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229
+	NOTE: http://seclists.org/oss-sec/2012/q3/74
 CVE-2012-2812
 	RESERVED
+	- libexif <unfixed> (bug #681454)
+	NOTE: https://bugzilla.novell.com/show_bug.cgi?id=771229
+	NOTE: http://seclists.org/oss-sec/2012/q3/74
 CVE-2012-2811
 	RESERVED
 CVE-2012-2810