Author: jmm Date: 2012-07-31 08:42:40 +0000 (Tue, 31 Jul 2012) New Revision: 19837 Modified: data/CVE/list Log: new rails issue new squashfs-tools issues (no-dsa) new dnsmasq issue (no-dsa) Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-07-31 06:45:15 UTC (rev 19836) +++ data/CVE/list 2012-07-31 08:42:40 UTC (rev 19837) @@ -99,9 +99,11 @@ CVE-2012-4026 (The Johnson Controls Pegasys P2000 server with software before 3.11 ...) NOT-FOR-US: The Johnson Controls Pegasys P2000 CVE-2012-4025 (Integer overflow in the queue_init function in unsquashfs.c in ...) - TODO: check + - squashfs-tools <unfixed> (low; bug #683371) + [squeeze] - squashfs-tools <no-dsa> (Minor issue) CVE-2012-4024 (Stack-based buffer overflow in the get_component function in ...) - TODO: check + - squashfs-tools <unfixed> (low; bug #683371) + [squeeze] - squashfs-tools <no-dsa> (Minor issue) CVE-2012-4023 RESERVED CVE-2012-4022 @@ -1375,6 +1377,8 @@ [squeeze] - libpng <no-dsa> (Minor issue) CVE-2012-3424 RESERVED + - rails <not-affected> (Only affects RoR 3.x) + - ruby-actionpack-3.2 <unfixed> (bug #683370) CVE-2012-3423 RESERVED CVE-2012-3422 @@ -1409,6 +1413,8 @@ RESERVED CVE-2012-3411 RESERVED + - dnsmasq <unfixed> (low; bug #683372) + [squeeze] - dnsmasq <no-dsa> (Minor issue) CVE-2012-3410 RESERVED - bash 4.2-4 (low)