diff options
author | Joey Hess <joeyh@debian.org> | 2011-09-11 21:14:18 +0000 |
---|---|---|
committer | Joey Hess <joeyh@debian.org> | 2011-09-11 21:14:18 +0000 |
commit | 22b5bb9254ffe1e1c546ad29bf18c88b1f456cb9 (patch) | |
tree | 2d4df56135f1b04d7d62aceb3a8bfa2f56e8072f /data | |
parent | e5b8a82e8d6a94b6bd8f669a65de0f28e29c4e53 (diff) |
automatic update
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@17212 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/data/CVE/list b/data/CVE/list index 881dbf3152..b11757f5df 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -433,6 +433,7 @@ CVE-2011-3207 [openssl CRL verification vulnerability] CVE-2011-3206 RESERVED CVE-2011-3205 (Buffer overflow in the gopherToHTML function in gopher.cc in the ...) + {DSA-2304-1} - squid3 3.1.15-1 (low; bug #639755) - squid <not-affected> (Only a buffer overflow in Squid 3, see https://bugzilla.redhat.com/show_bug.cgi?id=734583#c4) NOTE: http://www.squid-cache.org/Advisories/SQUID-2011_3.txt @@ -1434,6 +1435,7 @@ CVE-2011-2819 (Google Chrome before 13.0.782.107 allows remote attackers to bypa - webkit <undetermined> NOTE: http://trac.webkit.org/changeset/91611 CVE-2011-2818 (Use-after-free vulnerability in Google Chrome before 13.0.782.107 ...) + {DSA-2307-1} - chromium-browser 13.0.782.107~r94237-1 - webkit <undetermined> NOTE: http://trac.webkit.org/changeset/91386 @@ -1485,6 +1487,7 @@ CVE-2011-2801 (Use-after-free vulnerability in Google Chrome before 13.0.782.107 - webkit <undetermined> NOTE: http://trac.webkit.org/changeset/90936 CVE-2011-2800 (Google Chrome before 13.0.782.107 allows remote attackers to obtain ...) + {DSA-2307-1} - chromium-browser 13.0.782.107~r94237-1 - webkit <undetermined> NOTE: http://trac.webkit.org/changeset/91044 @@ -2675,6 +2678,7 @@ CVE-2011-2360 (Google Chrome before 13.0.782.107 does not ensure that the user i - chromium-browser 13.0.782.107~r94237-1 (unimportant) - webkit <not-affected> (chromium specific) CVE-2011-2359 (Google Chrome before 13.0.782.107 does not properly track line boxes ...) + {DSA-2307-1} - chromium-browser 13.0.782.107~r94237-1 - webkit <undetermined> NOTE: http://trac.webkit.org/changeset/90068 @@ -7280,7 +7284,7 @@ CVE-2011-0764 (t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6 and other CVE-2011-0763 RESERVED CVE-2011-0762 (The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 ...) - {DSA-2304-1} + {DSA-2305-1} - vsftpd 2.3.4-1 (bug #622741) [squeeze] - vsftpd 2.3.2-3+squeeze3 [lenny] - vsftpd 2.0.7-1+lenny1 @@ -7411,10 +7415,12 @@ CVE-2011-0724 (The Live DVD for Edubuntu 9.10, 10.04 LTS, and 10.10 does not ... NOTE: https://bugs.launchpad.net/ubuntu/+source/italc/+bug/714864 NOTE: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-February/001245.html CVE-2011-0723 (FFmpeg 0.5.x, as used in MPlayer and other products, allows remote ...) + {DSA-2306-1} - libav 4:0.6-1 - ffmpeg <unfixed> - ffmpeg-debian <removed> CVE-2011-0722 (FFmpeg before 0.5.4, as used in MPlayer and other products, allows ...) + {DSA-2306-1} - libav 4:0.6-1 - ffmpeg <unfixed> - ffmpeg-debian <removed> @@ -7683,7 +7689,7 @@ CVE-2010-4705 (Integer overflow in the vorbis_residue_decode_internal function i - ffmpeg-debian <not-affected> (issue introduced in 0.6.x series) NOTE: recheck when 0.6.x gets uploaded CVE-2010-4704 (libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and ...) - {DSA-2165-1} + {DSA-2306-1 DSA-2165-1} - libav 4:0.6.2-1 (low; bug #611495) - ffmpeg <removed> (low; bug #611495) - ffmpeg-debian <removed> (low) @@ -8071,6 +8077,7 @@ CVE-2011-0481 (Buffer overflow in Google Chrome before 8.0.552.237 and Chrome OS - chromium-browser <not-affected> (Chrome PDF plugin) - webkit <not-affected> (Chrome PDF plugin) CVE-2011-0480 (Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in ...) + {DSA-2306-1} - ffmpeg <not-affected> (webm not yet supported) - ffmpeg-debian <not-affected> (webm not supported yet) - libav 4:0.6.1-1 (bug #610550) @@ -11553,6 +11560,7 @@ CVE-2010-3910 (Multiple directory traversal vulnerabilities in the ...) CVE-2010-3909 (Incomplete blacklist vulnerability in config.template.php in vtiger ...) NOT-FOR-US: vtiger CRM CVE-2010-3908 (FFmpeg before 0.5.4, as used in MPlayer and other products, allows ...) + {DSA-2306-1} - libav 4:0.6-1 - ffmpeg <unfixed> - ffmpeg-debian <removed> |