automatic update

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@22405 e39458fd-73e7-0310-bf30-c45bca0a0e42
author: Joey Hess <joeyh@debian.org> 2013-05-29 21:14:29 +0000
committer: Joey Hess <joeyh@debian.org> 2013-05-29 21:14:29 +0000
commit: 0b32b212ef40b87d096d51a7399b36c06b41271f (patch)
tree: 993b99a9d2293f2ef2abe4645cc17e35b4dcd2e5 /data
parent: 2918a67470a889dba5f09c04054efc36d0784a4b (diff)
2 files changed, 25 insertions, 18 deletions
diff --git a/data/CVE/2002.list b/data/CVE/2002.list
index ced6c30509..dfbbfa362d 100644
--- a/data/CVE/2002.list
+++ b/data/CVE/2002.list
@@ -1,7 +1,6 @@
 CVE-2002-2483
 	- linux-2.6 2.4.20
-CVE-2002-2443 [kpasswd UDP ping-pong]
-	RESERVED
+CVE-2002-2443 (schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) ...)
 	- krb5 1.10.1+dfsg-6 (bug #708267)
 	NOTE: http://krbdev.mit.edu/rt/Ticket/Display.html?id=7637
 	NOTE: https://github.com/krb5/krb5/commit/cf1a0c411b2668c57c41e9c4efd15ba17b6b322c
diff --git a/data/CVE/2013.list b/data/CVE/2013.list
index 6b78a30da6..f334ec7386 100644
--- a/data/CVE/2013.list
+++ b/data/CVE/2013.list
@@ -1,3 +1,11 @@
+CVE-2013-3685
+	RESERVED
+CVE-2013-3684
+	RESERVED
+CVE-2013-3683
+	RESERVED
+CVE-2013-3682
+	RESERVED
 CVE-2013-3681
 	RESERVED
 CVE-2013-3680
@@ -28,8 +36,8 @@ CVE-2013-3668
 	RESERVED
 CVE-2013-3667
 	RESERVED
-CVE-2013-3666
-	RESERVED
+CVE-2013-3666 (The LG Hidden Menu component for Android on the LG Optimus G E973 ...)
+	TODO: check
 CVE-2013-3665
 	RESERVED
 CVE-2013-3664
@@ -281,6 +289,7 @@ CVE-2013-3552
 	RESERVED
 CVE-2013-3551
 	RESERVED
+	{DSA-2696-1}
 	- otrs2 3.2.7-1
 	[squeeze] - otrs2 <not-affected>
 CVE-2013-3550
@@ -1480,8 +1489,8 @@ CVE-2013-2991
 	RESERVED
 CVE-2013-2990
 	RESERVED
-CVE-2013-2989
-	RESERVED
+CVE-2013-2989 (The file-copying functionality in IBM Sterling Connect:Direct 3.8.00, ...)
+	TODO: check
 CVE-2013-2988
 	RESERVED
 CVE-2013-2987
@@ -3434,6 +3443,7 @@ CVE-2013-2117 [directory traversal]
 	- cgit <itp> (bug #515793)
 CVE-2013-2116
 	RESERVED
+	{DSA-2697-1}
 	- gnutls26 2.12.23-5 (bug #709301)
 	[squeeze] - gnutls26 <not-affected> (vulnerable code not backported)
 CVE-2013-2115 [incomplete fix for CVE-2013-1966]
@@ -3608,8 +3618,7 @@ CVE-2013-2070 [nginx proxy_pass buffer overflow]
 	RESERVED
 	- nginx 1.4.1-1 (bug #708164)
 	[squeeze] - nginx <not-affected> (Vulnerable code not present)
-CVE-2013-2069
-	RESERVED
+CVE-2013-2069 (Red Hat livecd-tools before 13.4.4, 17.x before 17.17, 18.x before ...)
 	NOT-FOR-US: Red Hat livecd-tools
 	NOTE: http://www.openwall.com/lists/oss-security/2013/05/23/2
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=964299
@@ -3999,8 +4008,7 @@ CVE-2013-1963
 	RESERVED
 	- owncloud <not-affected> (Vulnerable code not present)
 	NOTE: oC >= 4.5 only
-CVE-2013-1962 [DoS (max count of open files exhaustion) due sockets leak in the storage pool]
-	RESERVED
+CVE-2013-1962 (The remoteDispatchStoragePoolListAllVolumes function in the storage ...)
 	- libvirt <not-affected> (Vulnerable code not present)
 	NOTE: http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=ca697e90d5bd6a6dfb94bfb6d4438bdf9a44b739
 CVE-2013-1961 [libtiff-tools: Stack-based buffer overflow with malformed image-length and resolution]
@@ -7323,8 +7331,8 @@ CVE-2013-0601 (Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, an
 	NOT-FOR-US: Adobe Reader and Acrobat
 CVE-2013-0600 (Unspecified vulnerability on IBM WebSphere DataPower XC10 Appliance ...)
 	NOT-FOR-US: IBM WebSphere DataPower XC10 Appliance devices
-CVE-2013-0599
-	RESERVED
+CVE-2013-0599 (IBM Eclipse Help System (IEHS), as used in IBM Rational Directory ...)
+	TODO: check
 CVE-2013-0598
 	RESERVED
 CVE-2013-0597
@@ -7369,8 +7377,8 @@ CVE-2013-0578 (The Sterling Order Management APIs in IBM Sterling Multi-Channel
 	NOT-FOR-US: IBM
 CVE-2013-0577
 	RESERVED
-CVE-2013-0576
-	RESERVED
+CVE-2013-0576 (Cross-site scripting (XSS) vulnerability in the Tivoli Enterprise ...)
+	TODO: check
 CVE-2013-0575
 	RESERVED
 CVE-2013-0574
@@ -7523,8 +7531,8 @@ CVE-2013-0501 (The EdrawSoft EDOFFICE.EDOfficeCtrl.1 ActiveX control, as used in
 	NOT-FOR-US: IBM Cognos Disclosure Management
 CVE-2013-0500
 	RESERVED
-CVE-2013-0499
-	RESERVED
+CVE-2013-0499 (Cross-site scripting (XSS) vulnerability in the echo functionality on ...)
+	TODO: check
 CVE-2013-0498
 	RESERVED
 CVE-2013-0497
@@ -7557,8 +7565,8 @@ CVE-2013-0484
 	RESERVED
 CVE-2013-0483 (The login component in SOAP Gateway in IBM IMS Enterprise Suite 1.1, ...)
 	NOT-FOR-US: IBM IMS Enterprise Suite
-CVE-2013-0482
-	RESERVED
+CVE-2013-0482 (IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.29, 8.0 before ...)
+	TODO: check
 CVE-2013-0481
 	RESERVED
 CVE-2013-0480
author	Joey Hess <joeyh@debian.org>	2013-05-29 21:14:29 +0000
committer	Joey Hess <joeyh@debian.org>	2013-05-29 21:14:29 +0000
commit	0b32b212ef40b87d096d51a7399b36c06b41271f (patch)
tree	993b99a9d2293f2ef2abe4645cc17e35b4dcd2e5 /data
parent	2918a67470a889dba5f09c04054efc36d0784a4b (diff)