Author: jmm Date: 2012-07-20 09:31:43 +0000 (Fri, 20 Jul 2012) New Revision: 19768 Modified: data/CVE/list Log: bugnum for tiff3 new moodle issues libjpeg-turbo ITPed Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-07-20 08:33:05 UTC (rev 19767) +++ data/CVE/list 2012-07-20 09:31:43 UTC (rev 19768) @@ -1321,7 +1321,7 @@ CVE-2012-3401 [tiff2pdf heap-based buffer overflow due to improper initialization of T2P context struct pointer] RESERVED - tiff <unfixed> (bug #682115) - - tiff3 <unfixed> + - tiff3 <unfixed> (bug #682195) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=837577 CVE-2012-3400 RESERVED @@ -1331,28 +1331,51 @@ NOT-FOR-US: Basilic CVE-2012-3398 RESERVED + - moodle <unfixed> (bug #682203) + [squeeze] - moodle <no-dsa> (Minor issue) CVE-2012-3397 RESERVED + - moodle <unfixed> (bug #682203) + [squeeze] - moodle <not-affected> (Only affects >= 2.0) CVE-2012-3396 RESERVED + - moodle <unfixed> (bug #682203) + [squeeze] - moodle <not-affected> (Only affects >= 2.0) CVE-2012-3395 RESERVED + - moodle <unfixed> (bug #682203) + [squeeze] - moodle <not-affected> (Only affects >= 2.0) CVE-2012-3394 RESERVED + - moodle <unfixed> (bug #682203) + [squeeze] - moodle <not-affected> (Only affects >= 2.1) CVE-2012-3393 RESERVED + - moodle <unfixed> (bug #682203) + [squeeze] - moodle <not-affected> (Only affects >= 2.1) CVE-2012-3392 RESERVED + - moodle <unfixed> (bug #682203) + [squeeze] - moodle <not-affected> (Only affects >= 2.1) CVE-2012-3391 RESERVED + - moodle <unfixed> (bug #682203) + [squeeze] - moodle <not-affected> (Only affects >= 2.1) CVE-2012-3390 RESERVED + - moodle <unfixed> (bug #682203) + [squeeze] - moodle <not-affected> (Only affects >= 2.1) CVE-2012-3389 RESERVED + - moodle <unfixed> (bug #682203) + [squeeze] - moodle <not-affected> (Only affects >= 2.2) CVE-2012-3388 RESERVED + - moodle <unfixed> (bug #682203) + [squeeze] - moodle <not-affected> (Only affects >= 2.2) CVE-2012-3387 RESERVED + - moodle <not-affected> (Only affects 2.3) CVE-2012-3386 RESERVED - automake <not-affected> (Vulnerable code not present) @@ -2646,10 +2669,7 @@ NOTE: http://git.chromium.org/gitweb/?p=chromium/src.git;a=patch;h=f183580d61c054f7f6bb35cfe29e1b342390fbebcd CVE-2012-2806 [libjpeg-turbo: Heap-based buffer overflow when decompressing corrupt JPEG images] RESERVED - TODO: check - NOTE: http://www.openwall.com/lists/oss-security/2012/07/17/3 - NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=826849 - NOTE: http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830 + - libjpeg-turbo <itp> (bug #612341) CVE-2012-2805 RESERVED CVE-2012-2804