automatic update

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@22455 e39458fd-73e7-0310-bf30-c45bca0a0e42

2 files changed, 35 insertions, 4 deletions

diff --git a/data/CVE/2002.list b/data/CVE/2002.list
index bd426e1e72..1c572b8ced 100644
--- a/data/CVE/2002.list
+++ b/data/CVE/2002.list
@@ -1,7 +1,7 @@
 CVE-2002-2483
 	- linux-2.6 2.4.20
 CVE-2002-2443 (schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) ...)
-	{DSA-2698-1}
+	{DSA-2701-1 DSA-2698-1}
 	- krb5 1.10.1+dfsg-6 (bug #708267)
 	NOTE: http://krbdev.mit.edu/rt/Ticket/Display.html?id=7637
 	NOTE: https://github.com/krb5/krb5/commit/cf1a0c411b2668c57c41e9c4efd15ba17b6b322c
diff --git a/data/CVE/2013.list b/data/CVE/2013.list
index 5d9ed62af4..5b90f0e95c 100644
--- a/data/CVE/2013.list
+++ b/data/CVE/2013.list
@@ -378,6 +378,7 @@ CVE-2013-3564
 CVE-2013-3563
 	RESERVED
 CVE-2013-3562 (Multiple integer signedness errors in the tvb_unmasked function in ...)
+	{DSA-2700-1}
 	- wireshark 1.8.7-1 (bug #709167)
 	[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8499
@@ -388,25 +389,30 @@ CVE-2013-3561 (Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8448
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2013-29.html
 CVE-2013-3560 (The dissect_dsmcc_un_download function in ...)
+	{DSA-2700-1}
 	- wireshark 1.8.7-1 (unimportant; bug #709167)
 	[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2013-28.html
 	NOTE: Not suitable for code injection
 CVE-2013-3559 (epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in ...)
+	{DSA-2700-1}
 	- wireshark 1.8.7-1 (bug #709167)
 	[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2013-27.html
 CVE-2013-3558 (The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c ...)
+	{DSA-2700-1}
 	- wireshark 1.8.7-1 (bug #709167)
 	[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2013-26.html
 CVE-2013-3557 (The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ...)
+	{DSA-2700-1}
 	- wireshark 1.8.7-1 (unimportant; bug #709167)
 	NOTE: Not suitable for code injection
 CVE-2013-3556 (The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 ...)
 	- wireshark <not-affected> (Only affected the dev trunk)
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2013-25.html (r48943)
 CVE-2013-3555 (epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark ...)
+	{DSA-2700-1}
 	- wireshark 1.8.7-1 (bug #709167)
 	[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2013-24.html
@@ -912,7 +918,8 @@ CVE-2013-3317
 	RESERVED
 CVE-2013-3316
 	RESERVED
-CVE-2013-3315 (The server in TIBCO Silver Mobile 1.1.0 does not properly verify access ...)
+CVE-2013-3315
+	RESERVED
 	NOT-FOR-US: TIBCO
 CVE-2013-3314
 	RESERVED
@@ -4995,34 +5002,42 @@ CVE-2013-1683
 CVE-2013-1682
 	RESERVED
 CVE-2013-1681 (Use-after-free vulnerability in the ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 CVE-2013-1680 (Use-after-free vulnerability in the nsFrameList::FirstChild function ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 CVE-2013-1679 (Use-after-free vulnerability in the ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 CVE-2013-1678 (The _cairo_xlib_surface_add_glyph function in Mozilla Firefox before ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 CVE-2013-1677 (The gfxSkipCharsIterator::SetOffsets function in Mozilla Firefox ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 CVE-2013-1676 (The SelectionIterator::GetNextSegment function in Mozilla Firefox ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 CVE-2013-1675 (Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 CVE-2013-1674 (Use-after-free vulnerability in Mozilla Firefox before 21.0, Firefox ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
@@ -5037,6 +5052,7 @@ CVE-2013-1671 (Mozilla Firefox before 21.0 does not properly implement the INPUT
 	[wheezy] - iceweasel <not-affected> (Doesn't affect ESR 17 series)
 	NOTE: fixed in experimental in 21.0-1
 CVE-2013-1670 (The Chrome Object Wrapper (COW) implementation in Mozilla Firefox ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
@@ -6048,9 +6064,11 @@ CVE-2013-1249 (Race condition in win32k.sys in the kernel-mode drivers in Micros
 	NOT-FOR-US: Microsoft Windows
 CVE-2013-1248 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft ...)
 	NOT-FOR-US: Microsoft Windows
-CVE-2013-1247 (Cross-site scripting (XSS) vulnerability in the wireless configuration ...)
+CVE-2013-1247
+	RESERVED
 	NOT-FOR-US: Cisco
-CVE-2013-1246 (Cisco TelePresence System Software does not properly handle inactive ...)
+CVE-2013-1246
+	RESERVED
 	NOT-FOR-US: Cisco
 CVE-2013-1245 (The user-management page in Cisco WebEx Social relies on client-side ...)
 	NOT-FOR-US: Cisco WebEx Social
@@ -7130,10 +7148,12 @@ CVE-2013-0803
 CVE-2013-0802
 	RESERVED
 CVE-2013-0801 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 CVE-2013-0800 (Integer signedness error in the pixman_fill_sse2 function in ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.5esr-1
 	- icedove 17.0.5-1
 	- iceape <unfixed>
@@ -7148,10 +7168,12 @@ CVE-2013-0798 (Mozilla Firefox before 20.0 on Android uses world-writable and ..
 CVE-2013-0797 (Untrusted search path vulnerability in the Mozilla Updater in Mozilla ...)
 	- iceweasel <not-affected> (Only affects Firefox on Windows)
 CVE-2013-0796 (The WebGL subsystem in Mozilla Firefox before 20.0, Firefox ESR 17.x ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.5esr-1
 	- icedove 17.0.5-1
 	- iceape <unfixed>
 CVE-2013-0795 (The System Only Wrapper (SOW) implementation in Mozilla Firefox before ...)
+	{DSA-2699-1}
 	- icedove <unfixed>
 	- iceape <unfixed>
 	- iceweasel 17.0.5esr-1
@@ -7159,6 +7181,7 @@ CVE-2013-0794 (Mozilla Firefox before 20.0 and SeaMonkey before 2.17 do not prev
 	- iceweasel 17.0.5esr-1 (low)
 	- iceape <unfixed> (low)
 CVE-2013-0793 (Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.5esr-1
 	- icedove 17.0.5-1
 	- iceape <unfixed>
@@ -7175,10 +7198,12 @@ CVE-2013-0789 (Multiple unspecified vulnerabilities in the browser engine in Moz
 	- icedove <not-affected> (Only affects Firefox 19)
 	- iceape <not-affected> (Only affects Firefox 19)
 CVE-2013-0788 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.5esr-1
 	- iceape <unfixed>
 	- icedove 17.0.5-1
 CVE-2013-0787 (Use-after-free vulnerability in the nsEditor::IsPreformatted function ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.5esr-1
 	- icedove 17.0.5-1
 	- iceape <unfixed>
@@ -7196,11 +7221,13 @@ CVE-2013-0784 (Multiple unspecified vulnerabilities in the browser engine in Moz
 	- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
 	- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
 CVE-2013-0783 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.5esr-1 (bug #703071)
 	- icedove 17.0.5-1
 	- iceape <unfixed>
 	NOTE: Fixed in experimental in 19.0-1, update when enters unstable
 CVE-2013-0782 (Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.5esr-1 (bug #703071)
 	- icedove 17.0.5-1
 	- iceape <unfixed>
@@ -7210,6 +7237,7 @@ CVE-2013-0781 (Use-after-free vulnerability in the nsPrintEngine::CommonPrint ..
 	- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
 	- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
 CVE-2013-0780 (Use-after-free vulnerability in the ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.5esr-1 (bug #703071)
 	- icedove 17.0.5-1
 	- iceape <unfixed>
@@ -7227,11 +7255,13 @@ CVE-2013-0777 (Use-after-free vulnerability in the nsDisplayBoxShadowOuter::Pain
 	- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
 	- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
 CVE-2013-0776 (Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.5esr-1 (bug #703071)
 	- icedove 17.0.5-1
 	- iceape <unfixed>
 	NOTE: Fixed in experimental in 19.0-1, update when enters unstable
 CVE-2013-0775 (Use-after-free vulnerability in the ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.5esr-1 (bug #703071)
 	- icedove 17.0.5-1
 	- iceape <unfixed>
@@ -7241,6 +7271,7 @@ CVE-2013-0774 (Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, ...)
 	- iceweasel <not-affected> (Introduced in Firefox 15)
 	- icedove <not-affected> (Introduced in Firefox 15)
 CVE-2013-0773 (The Chrome Object Wrapper (COW) and System Only Wrapper (SOW) ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.5esr-1 (bug #703071)
 	- icedove 17.0.5-1
 	- iceape <unfixed>