Author: aw-guest Date: 2012-08-10 20:41:59 +0000 (Fri, 10 Aug 2012) New Revision: 19927 Modified: data/CVE/list Log: Bugs for CVE-2011-3389, CVE-2011-5095 CVE-2012-0876: python2.7 probably does not use embedded expat copy Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-08-10 13:13:19 UTC (rev 19926) +++ data/CVE/list 2012-08-10 20:41:59 UTC (rev 19927) @@ -946,7 +946,8 @@ CVE-2012-3790 (Cross-site scripting (XSS) vulnerability in index.php in Adiscon ...) NOT-FOR-US: Adiscon LogAnalyzer CVE-2011-5095 (The Diffie-Hellman key-exchange implementation in OpenSSL 0.9.8, when ...) - - openssl <unfixed> + - openssl <unfixed> (bug #684527) + NOTE: seems fixed in testing/unstable CVE-2012-3789 (Unspecified vulnerability in bitcoind and Bitcoin-Qt before 0.4.7rc3, ...) - bitcoin 0.5.0~rc1-1 CVE-2012-3788 @@ -7989,6 +7990,7 @@ - expat 2.1.0~beta3-1 (bug #663579) - python2.6 2.6.8-0.1 - python2.7 <unfixed> + NOTE: python2.7 probably does not use embedded expat copy - python3.1 <unfixed> - python3.2 <unfixed> CVE-2012-0875 [systemtap invalid read leading to kernel DoS] @@ -15272,7 +15274,7 @@ NOTE: strictly speaking this is no lighttpd issue, but lighttpd adds a workaround - curl 7.24.0-1 NOTE: http://curl.haxx.se/docs/adv_20120124B.html - - python2.6 2.6.8-0.1 + - python2.6 2.6.8-0.1 (bug #684511) - python2.7 2.7.3~rc1-1 - python3.1 <unfixed> (bug #678998) - python3.2 3.2.3~rc1-1