new phpmyadmin issues

new chrome issues new old and unimportant firefox info leaks new jasper issues rails not affected xmlsec1 issue is actually a duped/mis-assigned webkit bug NFUs remove libpam-ssh entry, it's not a vulnerability per se and libpam-ssh has been removed in the mean time remove stunnel fd issue, minor hardening rpcbind issue already fixed openswan fixed new kernel issue git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@17848 e39458fd-73e7-0310-bf30-c45bca0a0e42
author: Moritz Muehlenhoff <jmm@debian.org> 2011-12-22 17:51:22 +0000
committer: Moritz Muehlenhoff <jmm@debian.org> 2011-12-22 17:51:22 +0000
commit: 2abe952af3304306d00abf2c93ff397e1a91f085 (patch)
tree: c00b3627b818430f6814de8fcd378008fe9ec28e /data/CVE
parent: beb049b3053e663142d0f5d7f12767268a75bb69 (diff)
3 files changed, 71 insertions, 74 deletions
diff --git a/data/CVE/2002.list b/data/CVE/2002.list
index ffdfcd6037..db54eff047 100644
--- a/data/CVE/2002.list
+++ b/data/CVE/2002.list
@@ -1,9 +1,9 @@
 CVE-2002-2437 (The JavaScript implementation in Mozilla Firefox before 4.0, ...)
-	TODO: check
+	- iceweasel 4.0-1 (unimportant)
 CVE-2002-2436 (The Cascading Style Sheets (CSS) implementation in Mozilla Firefox ...)
-	TODO: check
+	- iceweasel 4.0-1 (unimportant)
 CVE-2002-2435 (The Cascading Style Sheets (CSS) implementation in Microsoft Internet ...)
-	TODO: check
+	NOT-FOR-US: Internet Explorer
 CVE-2002-2434 (NWFTPD.nlm before 5.02i in the FTP server in Novell NetWare does not ...)
 	NOT-FOR-US: Novell NetWare
 CVE-2002-2433 (NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows ...)
diff --git a/data/CVE/2010.list b/data/CVE/2010.list
index 110b4cd891..6c16410734 100644
--- a/data/CVE/2010.list
+++ b/data/CVE/2010.list
@@ -11,19 +11,21 @@ CVE-2010-5076
 CVE-2010-5075
 	RESERVED
 CVE-2010-5074 (The layout engine in Mozilla Firefox before 4.0, Thunderbird before ...)
-	TODO: check
+	- iceweasel 4.0-1 (unimportant)
 CVE-2010-5073 (The JavaScript implementation in Google Chrome 4 does not properly ...)
-	TODO: check
+	- chromium-browser <unfixed>
+	- webkit <undetermined>
 CVE-2010-5072 (The JavaScript implementation in Opera 10.5 does not properly restrict ...)
 	NOT-FOR-US: Opera
 CVE-2010-5071 (The JavaScript implementation in Microsoft Internet Explorer 8.0 and ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2010-5070 (The JavaScript implementation in Apple Safari 4 does not properly ...)
-	TODO: check
+	NOT-FOR-US: Safari
 CVE-2010-5069 (The Cascading Style Sheets (CSS) implementation in Google Chrome 4 ...)
-	TODO: check
+	- chromium-browser <unfixed>
+	- webkit <undetermined>
 CVE-2010-5068 (The Cascading Style Sheets (CSS) implementation in Opera 10.5 does not ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2010-5067
 	RESERVED
 CVE-2010-5066
@@ -7659,7 +7661,8 @@ CVE-2010-2065 (Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3
 	NOTE: https://bugs.launchpad.net/ubuntu/+source/tiff/+bug/589565
 CVE-2010-2064
 	RESERVED
-	- rpcbind <unfixed>
+	- rpcbind 0.2.0-4.1
+	NOTE: This version changed the state directory to /var/run/rpcbind, which is only writable by root
 CVE-2010-2063 (Buffer overflow in the SMB1 packet chaining implementation in the ...)
 	{DSA-2061-1}
 	- samba 2:3.4.0~pre1-1 (high)
diff --git a/data/CVE/2011.list b/data/CVE/2011.list
index 5ea06ce037..03419ff14e 100644
--- a/data/CVE/2011.list
+++ b/data/CVE/2011.list
@@ -15,15 +15,15 @@ CVE-2011-4863
 CVE-2011-4862
 	RESERVED
 CVE-2011-4861 (The modbus_125_handler function in the Schneider Electric Quantum ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric Quantum Ethernet Module
 CVE-2011-4860 (The ComputePassword function in the Schneider Electric Quantum ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric Quantum Ethernet Module
 CVE-2011-4859 (The Schneider Electric Quantum Ethernet Module, as used in the Quantum ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric Quantum Ethernet Module
 CVE-2011-4858
 	RESERVED
 CVE-2011-4857 (Heap-based buffer overflow in the in_mod.dll plugin in Winamp before ...)
-	TODO: check
+	NOT-FOR-US: Winamp
 CVE-2011-4856 (The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 ...)
 	NOT-FOR-US: Plesk
 CVE-2011-4855 (The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 ...)
@@ -174,10 +174,12 @@ CVE-2011-4783
 	RESERVED
 CVE-2011-4782
 	RESERVED
+	- phpmyadmin 4:3.4.9-1
 CVE-2011-4781
 	RESERVED
 CVE-2011-4780
 	RESERVED
+	- phpmyadmin 4:3.4.9-1
 CVE-2011-4779
 	RESERVED
 CVE-2011-4778
@@ -293,7 +295,7 @@ CVE-2011-4725 (Multiple SQL injection vulnerabilities in the Server Administrati
 CVE-2011-4724
 	RESERVED
 CVE-2011-4723 (The D-Link DIR-300 router stores cleartext passwords, which allows ...)
-	TODO: check
+	NOT-FOR-US: D-Link DIR-300 router
 CVE-2011-4722
 	RESERVED
 CVE-2011-4721
@@ -301,11 +303,12 @@ CVE-2011-4721
 CVE-2011-4720
 	RESERVED
 CVE-2011-4719 (Multiple unspecified vulnerabilities in Google Chrome before ...)
-	TODO: check
+	- chromium-browser <unfixed>
+	- webkit <undetermined>
 CVE-2011-4718
 	RESERVED
 CVE-2011-4717 (Directory traversal vulnerability in zFTPServer Suite 6.0.0.52 allows ...)
-	TODO: check
+	NOT-FOR-US: zFTPServer Suite 
 CVE-2011-4716 (Directory traversal vulnerability in file in DreamBox DM800 1.6rc3, ...)
 	NOT-FOR-US: DreamBox
 CVE-2011-4715 (Directory traversal vulnerability in cgi-bin/koha/mainpage.pl in Koha ...)
@@ -355,15 +358,17 @@ CVE-2011-4694 (Unspecified vulnerability in Adobe Flash Player 11.1.102.55 on Wi
 CVE-2011-4693 (Unspecified vulnerability in Adobe Flash Player 11.1.102.55 on Windows ...)
 	NOT-FOR-US: Adobe Flash Player
 CVE-2011-4692 (WebKit, as used in Apple Safari 5.1.1 and earlier and Google Chrome 15 ...)
-	TODO: check
+	- chromium-browser <unfixed>
+	- webkit <undetermined>
 CVE-2011-4691 (Google Chrome 15.0.874.121 and earlier does not prevent capture of ...)
-	TODO: check
+	- chromium-browser <unfixed>
+	- webkit <undetermined>
 CVE-2011-4690 (Opera 11.60 and earlier does not prevent capture of data about the ...)
 	NOT-FOR-US: Opera
 CVE-2011-4689 (Microsoft Internet Explorer 6 through 9 does not prevent capture of ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2011-4688 (Mozilla Firefox 8.0.1 and earlier does not prevent capture of data ...)
-	TODO: check
+	- iceweasel <unfixed> (unimportant)
 CVE-2011-4687 (Opera before 11.60 allows remote attackers to cause a denial of ...)
 	NOT-FOR-US: Opera
 CVE-2011-4686 (Unspecified vulnerability in the Web Workers implementation in Opera ...)
@@ -395,11 +400,11 @@ CVE-2011-4675 (The pathname canonicalization functionality in ...)
 CVE-2011-4674 (SQL injection vulnerability in popup.php in Zabbix 1.8.3 and 1.8.4, ...)
 	- zabbix <unfixed> (high; bug #651225)
 CVE-2011-4673 (SQL injection vulnerability in modules/sharedaddy.php in the Jetpack ...)
-	TODO: check
+	NOT-FOR-US: Jetpack plugin for Wordpress
 CVE-2011-4672 (Multiple SQL injection vulnerabilities in Valid tiny-erp 1.6 and ...)
-	TODO: check
+	NOT-FOR-US: Valid tiny-erp, different from TinyERP, the former name of OpenERP
 CVE-2011-4671 (SQL injection vulnerability in adrotate/adrotate-out.php in the ...)
-	TODO: check
+	NOT-FOR-US: Adrorate plugin for Wordpress
 CVE-2011-4670 (Multiple cross-site scripting (XSS) vulnerabilities in vTiger CRM ...)
 	NOT-FOR-US: vTiger CRM
 CVE-2011-4669 (SQL injection vulnerability in wp-users.php in WordPress Users plugin ...)
@@ -503,6 +508,7 @@ CVE-2011-4622
 	RESERVED
 CVE-2011-4621
 	RESERVED
+	- linux-2.6 <unfixed>
 CVE-2011-4620
 	RESERVED
 CVE-2011-4619
@@ -765,9 +771,9 @@ CVE-2011-4519
 CVE-2011-4518
 	RESERVED
 CVE-2011-4517 (The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer ...)
-	TODO: check
+	- jasper <unfixed> (bug #652649)
 CVE-2011-4516 (Heap-based buffer overflow in the jpc_cox_getcompparms function in ...)
-	TODO: check
+	- jasper <unfixed> (bug #652649)
 CVE-2011-4515
 	RESERVED
 CVE-2011-4514
@@ -1068,7 +1074,7 @@ CVE-2011-4370
 CVE-2011-4369 (Unspecified vulnerability in the PRC component in Adobe Reader and ...)
 	NOT-FOR-US: Adobe Acrobat Reader
 CVE-2011-4368 (Cross-site scripting (XSS) vulnerability in Remote Development ...)
-	TODO: check
+	NOT-FOR-US: Adobe Cold Fusion
 CVE-2011-4367
 	RESERVED
 CVE-2011-4366
@@ -1162,7 +1168,7 @@ CVE-2011-4347
 	RESERVED
 	- linux-2.6 <unfixed>
 CVE-2011-4346 (Cross-site scripting (XSS) vulnerability in the web interface in Red ...)
-	TODO: check
+	NOT-FOR-US: Red Hat Satellite
 CVE-2011-4345 (Cross-site scripting (XSS) vulnerability in Namazu before 2.0.21, when ...)
 	- namazu2 2.0.21-1 (low)
 	[squeeze] - namazu2 <no-dsa> (Minor issue)
@@ -1238,7 +1244,7 @@ CVE-2011-4320 [ejabberd DoS in pubsub module]
 	- ejabberd 2.1.9-1
 	NOTE: https://support.process-one.net/browse/EJAB-1498
 CVE-2011-4319 (Cross-site scripting (XSS) vulnerability in the i18n translations ...)
-	TODO: check
+	- rails <not-affected> (Only affects RoR 3.0 and above)
 CVE-2011-4318
 	RESERVED
 	- dovecot <unfixed> (unimportant; bug #649511)
@@ -1394,13 +1400,13 @@ CVE-2011-4268
 CVE-2011-4267
 	RESERVED
 CVE-2011-4266 (Untrusted search path vulnerability in FFFTP before 1.98d allows local ...)
-	TODO: check
+	NOT-FOR-US: FFFTP 
 CVE-2011-4265 (Cross-site scripting (XSS) vulnerability in phpWebSite before 1.0.0 ...)
-	TODO: check
+	NOT-FOR-US: phpWebSite
 CVE-2011-4264 (Cross-site scripting (XSS) vulnerability in Etomite before 1.1 allows ...)
-	TODO: check
+	NOT-FOR-US: Etomite
 CVE-2011-4263 (Cross-site scripting (XSS) vulnerability in Schneider Electric ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric PowerChute Business Edition
 CVE-2011-4262 (Unspecified vulnerability in RealNetworks RealPlayer before 15.0.0 ...)
 	NOT-FOR-US: RealNetworks RealPlayer
 CVE-2011-4261 (RealNetworks RealPlayer before 15.0.0 allows remote attackers to ...)
@@ -1522,9 +1528,9 @@ CVE-2011-4204
 CVE-2011-4203
 	RESERVED
 CVE-2011-4202 (The Tadasoft Restorepoint 3.2 evaluation image uses weak permissions ...)
-	TODO: check
+	NOT-FOR-US: Tadasoft Restorepoint
 CVE-2011-4201 (remote_support.cgi in the Tadasoft Restorepoint 3.2 evaluation image ...)
-	TODO: check
+	NOT-FOR-US: Tadasoft Restorepoint
 CVE-2011-4200
 	RESERVED
 CVE-2011-4199
@@ -1618,9 +1624,9 @@ CVE-2011-4164
 CVE-2011-4163
 	RESERVED
 CVE-2011-4162 (The (1) AddUser, (2) AddUserEx, (3) RemoveUser, (4) RemoveUserByGuide, ...)
-	TODO: check
+	NOT-FOR-US: HP Protect Tools Device Access Manager
 CVE-2011-4161 (The default configuration of the HP CM8060 Color MFP with Edgeline; ...)
-	TODO: check
+	NOT-FOR-US: HP CM8060 Color MFP
 CVE-2011-4160 (Unspecified vulnerability in HP Operations Agent 11.00 and Performance ...)
 	NOT-FOR-US: HP Operations Agent
 CVE-2011-4159 (Unspecified vulnerability in System Administration Manager (SAM) in ...)
@@ -1661,7 +1667,7 @@ CVE-2011-4143
 CVE-2011-4142
 	RESERVED
 CVE-2011-4141 (Untrusted search path vulnerability in EMC RSA SecurID Software Token ...)
-	TODO: check
+	NOT-FOR-US: RSA SecurID
 CVE-2011-4140 (The CSRF protection mechanism in Django through 1.2.7 and 1.3.x ...)
 	{DSA-2332-1}
 	- python-django 1.3.1-1 (bug #641405)
@@ -1866,7 +1872,7 @@ CVE-2011-4074 (Cross-site scripting (XSS) vulnerability in cmd.php in phpLDAPadm
 	{DSA-2333-1}
 	- phpldapadmin 1.2.0.5-2.1 (bug #646769)
 CVE-2011-4073 (Use-after-free vulnerability in the cryptographic helper handler ...)
-	- openswan <unfixed> (low; bug #650674)
+	- openswan 1:2.6.37-1 (low; bug #650674)
 CVE-2011-XXXX [incorrect OPENSSL_assert() in DTLS code]
 	- openssl <unfixed> (low; bug #645805)
 	NOTE: http://rt.openssl.org/Ticket/Display.html?id=2625&user=guest&pass=guest
@@ -1913,13 +1919,13 @@ CVE-2011-4056
 CVE-2011-4055
 	RESERVED
 CVE-2011-4054 (Cross-site scripting (XSS) vulnerability in login.fcc in CA SiteMinder ...)
-	TODO: check
+	NOT-FOR-US: CA SiteMinder
 CVE-2011-4053
 	RESERVED
 CVE-2011-4052 (Stack-based buffer overflow in CEServer.exe in the CEServer component ...)
-	TODO: check
+	NOT-FOR-US: InduSoft Web Studio
 CVE-2011-4051 (CEServer.exe in the CEServer component in the Remote Agent module in ...)
-	TODO: check
+	NOT-FOR-US: InduSoft Web Studio
 CVE-2011-4050
 	RESERVED
 CVE-2011-4049
@@ -1941,7 +1947,7 @@ CVE-2011-4042
 CVE-2011-4041
 	RESERVED
 CVE-2011-4040 (Buffer overflow in MiniSmtp 3.0.11818 in NJStar Communicator allows ...)
-	TODO: check
+	NOT-FOR-US: NJStar Communicator
 CVE-2011-4039
 	RESERVED
 CVE-2011-4038
@@ -1949,13 +1955,13 @@ CVE-2011-4038
 CVE-2011-4037
 	RESERVED
 CVE-2011-4036 (Directory traversal vulnerability in Schneider Electric Vijeo ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric Vijeo
 CVE-2011-4035 (Cross-site scripting (XSS) vulnerability in Schneider Electric Vijeo ...)
-	TODO: check
+	NOT-FOR-US: Schneider Electric Vijeo
 CVE-2011-4034 (Buffer overflow in the Steema TeeChart ActiveX control, as used in ...)
-	TODO: check
+	NOT-FOR-US: Steema TeeChart 
 CVE-2011-4033 (Buffer overflow in the Steema TeeChart ActiveX control, as used in ...)
-	TODO: check
+	NOT-FOR-US: Steema TeeChart 
 CVE-2011-4032
 	RESERVED
 CVE-2011-4031
@@ -2442,7 +2448,7 @@ CVE-2011-3836
 CVE-2011-3835
 	RESERVED
 CVE-2011-3834 (Multiple integer overflows in the in_avi.dll plugin in Winamp before ...)
-	TODO: check
+	NOT-FOR-US: Winamp
 CVE-2011-3833
 	RESERVED
 CVE-2011-3832
@@ -2454,7 +2460,7 @@ CVE-2011-3830
 CVE-2011-3829
 	RESERVED
 CVE-2011-3828 (DVRemoteAx.ax 2.1.0.39 in the DVR Remote ActiveX control allows remote ...)
-	TODO: check
+	NOT-FOR-US: DVR Remote
 CVE-2011-3827
 	RESERVED
 CVE-2011-3826 (Zikula 1.2.4 allows remote attackers to obtain sensitive information ...)
@@ -2911,7 +2917,7 @@ CVE-2011-3638
 CVE-2011-3637
 	RESERVED
 CVE-2011-3636 (Cross-site request forgery (CSRF) vulnerability in the management ...)
-	TODO: check
+	NOT-FOR-US: FreeIPA
 CVE-2011-3635 (Cross-site scripting (XSS) vulnerability in the ...)
 	- empathy 3.2.1.1-1
 	[lenny] - empathy <not-affected> (only affects webkit theming, not present in Lenny)
@@ -3541,41 +3547,41 @@ CVE-2011-3415
 CVE-2011-3414
 	RESERVED
 CVE-2011-3413 (Microsoft PowerPoint 2007 SP2; Office 2008 for Mac; Office ...)
-	TODO: check
+	NOT-FOR-US: Microsoft PowerPoint
 CVE-2011-3412 (Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, allows remote ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Publisher
 CVE-2011-3411 (Microsoft Publisher 2003 SP3 allows remote attackers to execute ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Publisher
 CVE-2011-3410 (Array index error in Microsoft Publisher 2003 SP3, and 2007 SP2 and ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Publisher
 CVE-2011-3409
 	RESERVED
 CVE-2011-3408 (Csrsrv.dll in the Client/Server Run-time Subsystem (aka CSRSS) in the ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows XP
 CVE-2011-3407
 	RESERVED
 CVE-2011-3406 (Buffer overflow in Active Directory, Active Directory Application Mode ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Active Directory
 CVE-2011-3405
 	RESERVED
 CVE-2011-3404 (Microsoft Internet Explorer 6 through 9 does not properly use the ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2011-3403 (Microsoft Excel 2003 SP3 and Office 2004 for Mac do not properly ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Excel
 CVE-2011-3402 (Unspecified vulnerability in the Win32k TrueType font parsing engine ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2011-3401 (ENCDEC.DLL in Windows Media Player and Media Center in Microsoft ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Media Player
 CVE-2011-3400 (Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 do not properly ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows XP
 CVE-2011-3399
 	RESERVED
 CVE-2011-3398
 	RESERVED
 CVE-2011-3397 (The Microsoft Time component in DATIME.DLL in Microsoft Windows XP SP2 ...)
-	TODO: check
+	NOT-FOR-US: Microsoft Windows XP
 CVE-2011-3396 (Untrusted search path vulnerability in Microsoft PowerPoint 2007 SP2 ...)
-	TODO: check
+	NOT-FOR-US: Microsoft PowerPoint
 CVE-2011-3395
 	RESERVED
 CVE-2011-3394 (SQL injection vulnerability in findagent.php in MYRE Real Estate ...)
@@ -6919,13 +6925,6 @@ CVE-2011-2198 [vte memory exhaustion]
 	- vte 1:0.28.1-1 (low; bug #629688)
 	[lenny] - vte <no-dsa> (Minor issue)
 	[squeeze] - vte 1:0.24.3-3
-CVE-2011-XXXX [libpam-ssh: pam_ssh not dropping root gid(s)]
-	- libpam-ssh <unfixed> (low)
-	[squeeze] - libpam-ssh <no-dsa> (Minor issue) 
-	[lenny] - libpam-ssh <no-dsa> (Minor issue) 
-	NOTE: https://bugzilla.novell.com/show_bug.cgi?id=665061
-	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=711170
-	NOTE: CVE request and discussion: http://www.openwall.com/lists/oss-security/2011/06/06/3
 CVE-2011-2185 (Fabric before 1.1.0 allows local users to overwrite arbitrary files ...)
 	- fabric 1.1.2-1 (low; bug #629003)
 	[squeeze] - fabric <no-dsa> (Minor issue)
@@ -7993,8 +7992,8 @@ CVE-2011-1776 (The is_gpt_valid function in fs/partitions/efi.c in the Linux ker
 CVE-2011-1775 (The CSecurityTLS::processMsg function in common/rfb/CSecurityTLS.cxx ...)
 	NOT-FOR-US: TigerVNC
 CVE-2011-1774 (WebKit in Apple Safari before 5.0.6 has improper libxslt security ...)
-	- xmlsec1 1.2.14-1.1
-	NOTE: very likely a duplicate of cve-2011-1425
+	- webkit <unfixed>
+	NOTE: CVE-2011-1774 is about webkit's interface to xmlsec, CVE-2011-1425 is the actual issue
 	NOTE: http://www.openwall.com/lists/oss-security/2011/05/09/4
 CVE-2011-1773
 	RESERVED
@@ -10772,11 +10771,6 @@ CVE-2011-XXXX [libpurple info leak]
 	[lenny] - pidgin <no-dsa> (Minor issue)
 	[squeeze] - pidgin <no-dsa> (Minor issue)
 	NOTE: http://www.pidgin.im/news/security/?id=50
-CVE-2011-XXXX [stunnel fd leak]
-	- stunnel4 <unfixed> (low)
-	[lenny] - stunnel4 <no-dsa> (Minor issue)
-	[squeeze] - stunnel4 <no-dsa> (Minor issue)
-	NOTE: http://www.stunnel.org/?page=sdf_ChangeLog (v4.35)
 CVE-2011-1136 [tesseract tempfile]
 	RESERVED
 	- tesseract 2.04-2.1 (low; bug #612032)
author	Moritz Muehlenhoff <jmm@debian.org>	2011-12-22 17:51:22 +0000
committer	Moritz Muehlenhoff <jmm@debian.org>	2011-12-22 17:51:22 +0000
commit	2abe952af3304306d00abf2c93ff397e1a91f085 (patch)
tree	c00b3627b818430f6814de8fcd378008fe9ec28e /data/CVE
parent	beb049b3053e663142d0f5d7f12767268a75bb69 (diff)