Author: jmm Date: 2012-08-21 06:17:07 +0000 (Tue, 21 Aug 2012) New Revision: 19996 Modified: data/CVE/list Log: graphicsmagick fixed filed bugs for roundcube and pcp new kernel issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-08-20 21:14:21 UTC (rev 19995) +++ data/CVE/list 2012-08-21 06:17:07 UTC (rev 19996) @@ -1806,19 +1806,21 @@ RESERVED CVE-2012-3511 RESERVED + - linux <unfixed> + - linux-2.6 <removed> CVE-2012-3510 RESERVED + - linux 2.6.20-1 + - linux-2.6 2.6.20-1 CVE-2012-3509 RESERVED CVE-2012-3508 [SA50279: roundcube multiple XSS] RESERVED - - roundcube <unfixed> - NOTE: CVE request http://www.openwall.com/lists/oss-security/2012/08/20/2 + - roundcube <unfixed> (bug #685475) NOTE: http://trac.roundcube.net/ticket/1488613 CVE-2012-3507 [SA50212: roundcube 0.8 XSS] RESERVED - roundcube <not-affected> (only affects rc versions of 0.8) - NOTE: CVE request http://www.openwall.com/lists/oss-security/2012/08/20/2 NOTE: http://trac.roundcube.net/ticket/1488519 CVE-2012-3506 RESERVED @@ -2013,7 +2015,7 @@ CVE-2012-3439 RESERVED CVE-2012-3438 (The Magick_png_malloc function in coders/png.c in GraphicsMagick ...) - - graphicsmagick <unfixed> (low; bug #683284) + - graphicsmagick 1.3.16-1.1 (low; bug #683284) [squeeze] - graphicsmagick <no-dsa> (Minor issue) CVE-2012-3437 (The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8-6 ...) - imagemagick 8:6.7.7.10-3 (low; bug #683285) @@ -2063,16 +2065,16 @@ - icedtea-web <unfixed> CVE-2012-3421 [pcp: incorrect event-driven programming] RESERVED - - pcp <unfixed> + - pcp <unfixed> (bug #685476) CVE-2012-3420 [pcp: memory leaks] RESERVED - - pcp <unfixed> + - pcp <unfixed> (bug #685476) CVE-2012-3419 [pcp: information disclosure] RESERVED - - pcp <unfixed> + - pcp <unfixed> (bug #685476) CVE-2012-3418 [pcp: multiple integer and heap-based overflows] RESERVED - - pcp <unfixed> + - pcp <unfixed> (bug #685476) CVE-2012-3417 (The good_client function in rquotad (rquota_svc.c) in Linux DiskQuota ...) - quota 4.00~pre1-1 NOTE: this is at least fixed in 4.00, I could not trace this back to an exact version