[Mageia-dev] List of CVE referencing software versions present in Mageia 1

Buchan Milne bgmilne at zarb.org
Fri Jan 6 13:00:30 CET 2012


On Friday, 6 January 2012 00:37:54 Pascal Terjan wrote:
> Here is the output of a little script I just wrote.

Could we turn this script into a database, accessible to security team and 
maintainer of the package, which allows tracking of updates, and possibly 
integration with bugzilla, issuing of advisories, and providing OVAL data?

> Vulnerable version, please check that a patch was applied if needed

> * mapserver 5.6.6
>   - CVE-2011-2703
>   - CVE-2011-2704
>   - CVE-2011-2975

$ mgarepo maintdb get mapserver
obgr_seneca

> * openldap 2.4.25
>   - CVE-2011-4079

https://bugs.mageia.org/buglist.cgi?quicksearch=CVE-2011-4079
leads to:
https://bugs.mageia.org/show_bug.cgi?id=3193
Package in QA.

> * samba 3.5.8
>   - CVE-2011-1678
https://bugs.mageia.org/show_bug.cgi?id=2950 for cifs-utils, package in QA
https://bugs.mageia.org/show_bug.cgi?id=3980 for samba, package in QA
>   - CVE-2011-2522
>   - CVE-2011-2694

https://bugs.mageia.org/show_bug.cgi?id=3980, package in QA

>   - CVE-2011-2724
https://bugs.mageia.org/show_bug.cgi?id=2950 for cifs-utils, package in QA
https://bugs.mageia.org/show_bug.cgi?id=3980 for samba, package in QA

Regards,
Buchan


More information about the Mageia-dev mailing list