diff options
author | Joey Hess <joeyh@debian.org> | 2013-05-29 21:14:29 +0000 |
---|---|---|
committer | Joey Hess <joeyh@debian.org> | 2013-05-29 21:14:29 +0000 |
commit | 0b32b212ef40b87d096d51a7399b36c06b41271f (patch) | |
tree | 993b99a9d2293f2ef2abe4645cc17e35b4dcd2e5 | |
parent | 2918a67470a889dba5f09c04054efc36d0784a4b (diff) |
automatic update
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@22405 e39458fd-73e7-0310-bf30-c45bca0a0e42
-rw-r--r-- | data/CVE/2002.list | 3 | ||||
-rw-r--r-- | data/CVE/2013.list | 40 |
2 files changed, 25 insertions, 18 deletions
diff --git a/data/CVE/2002.list b/data/CVE/2002.list index ced6c30509..dfbbfa362d 100644 --- a/data/CVE/2002.list +++ b/data/CVE/2002.list @@ -1,7 +1,6 @@ CVE-2002-2483 - linux-2.6 2.4.20 -CVE-2002-2443 [kpasswd UDP ping-pong] - RESERVED +CVE-2002-2443 (schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) ...) - krb5 1.10.1+dfsg-6 (bug #708267) NOTE: http://krbdev.mit.edu/rt/Ticket/Display.html?id=7637 NOTE: https://github.com/krb5/krb5/commit/cf1a0c411b2668c57c41e9c4efd15ba17b6b322c diff --git a/data/CVE/2013.list b/data/CVE/2013.list index 6b78a30da6..f334ec7386 100644 --- a/data/CVE/2013.list +++ b/data/CVE/2013.list @@ -1,3 +1,11 @@ +CVE-2013-3685 + RESERVED +CVE-2013-3684 + RESERVED +CVE-2013-3683 + RESERVED +CVE-2013-3682 + RESERVED CVE-2013-3681 RESERVED CVE-2013-3680 @@ -28,8 +36,8 @@ CVE-2013-3668 RESERVED CVE-2013-3667 RESERVED -CVE-2013-3666 - RESERVED +CVE-2013-3666 (The LG Hidden Menu component for Android on the LG Optimus G E973 ...) + TODO: check CVE-2013-3665 RESERVED CVE-2013-3664 @@ -281,6 +289,7 @@ CVE-2013-3552 RESERVED CVE-2013-3551 RESERVED + {DSA-2696-1} - otrs2 3.2.7-1 [squeeze] - otrs2 <not-affected> CVE-2013-3550 @@ -1480,8 +1489,8 @@ CVE-2013-2991 RESERVED CVE-2013-2990 RESERVED -CVE-2013-2989 - RESERVED +CVE-2013-2989 (The file-copying functionality in IBM Sterling Connect:Direct 3.8.00, ...) + TODO: check CVE-2013-2988 RESERVED CVE-2013-2987 @@ -3434,6 +3443,7 @@ CVE-2013-2117 [directory traversal] - cgit <itp> (bug #515793) CVE-2013-2116 RESERVED + {DSA-2697-1} - gnutls26 2.12.23-5 (bug #709301) [squeeze] - gnutls26 <not-affected> (vulnerable code not backported) CVE-2013-2115 [incomplete fix for CVE-2013-1966] @@ -3608,8 +3618,7 @@ CVE-2013-2070 [nginx proxy_pass buffer overflow] RESERVED - nginx 1.4.1-1 (bug #708164) [squeeze] - nginx <not-affected> (Vulnerable code not present) -CVE-2013-2069 - RESERVED +CVE-2013-2069 (Red Hat livecd-tools before 13.4.4, 17.x before 17.17, 18.x before ...) NOT-FOR-US: Red Hat livecd-tools NOTE: http://www.openwall.com/lists/oss-security/2013/05/23/2 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=964299 @@ -3999,8 +4008,7 @@ CVE-2013-1963 RESERVED - owncloud <not-affected> (Vulnerable code not present) NOTE: oC >= 4.5 only -CVE-2013-1962 [DoS (max count of open files exhaustion) due sockets leak in the storage pool] - RESERVED +CVE-2013-1962 (The remoteDispatchStoragePoolListAllVolumes function in the storage ...) - libvirt <not-affected> (Vulnerable code not present) NOTE: http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=ca697e90d5bd6a6dfb94bfb6d4438bdf9a44b739 CVE-2013-1961 [libtiff-tools: Stack-based buffer overflow with malformed image-length and resolution] @@ -7323,8 +7331,8 @@ CVE-2013-0601 (Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, an NOT-FOR-US: Adobe Reader and Acrobat CVE-2013-0600 (Unspecified vulnerability on IBM WebSphere DataPower XC10 Appliance ...) NOT-FOR-US: IBM WebSphere DataPower XC10 Appliance devices -CVE-2013-0599 - RESERVED +CVE-2013-0599 (IBM Eclipse Help System (IEHS), as used in IBM Rational Directory ...) + TODO: check CVE-2013-0598 RESERVED CVE-2013-0597 @@ -7369,8 +7377,8 @@ CVE-2013-0578 (The Sterling Order Management APIs in IBM Sterling Multi-Channel NOT-FOR-US: IBM CVE-2013-0577 RESERVED -CVE-2013-0576 - RESERVED +CVE-2013-0576 (Cross-site scripting (XSS) vulnerability in the Tivoli Enterprise ...) + TODO: check CVE-2013-0575 RESERVED CVE-2013-0574 @@ -7523,8 +7531,8 @@ CVE-2013-0501 (The EdrawSoft EDOFFICE.EDOfficeCtrl.1 ActiveX control, as used in NOT-FOR-US: IBM Cognos Disclosure Management CVE-2013-0500 RESERVED -CVE-2013-0499 - RESERVED +CVE-2013-0499 (Cross-site scripting (XSS) vulnerability in the echo functionality on ...) + TODO: check CVE-2013-0498 RESERVED CVE-2013-0497 @@ -7557,8 +7565,8 @@ CVE-2013-0484 RESERVED CVE-2013-0483 (The login component in SOAP Gateway in IBM IMS Enterprise Suite 1.1, ...) NOT-FOR-US: IBM IMS Enterprise Suite -CVE-2013-0482 - RESERVED +CVE-2013-0482 (IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.29, 8.0 before ...) + TODO: check CVE-2013-0481 RESERVED CVE-2013-0480 |