[Secure-testing-commits] r24554 - data/CVE

Tue, 03 Dec 2013 13:51:48 -0800 

Author: nion
Date: 2013-12-03 21:51:16 +0000 (Tue, 03 Dec 2013)
New Revision: 24554

Modified:
   data/CVE/list
Log:
NFUs; CVE-2012-6535,CVE-2013-1061 fixed

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2013-12-03 21:45:59 UTC (rev 24553)
+++ data/CVE/list       2013-12-03 21:51:16 UTC (rev 24554)
@@ -1433,7 +1433,7 @@
 CVE-2013-6308
        RESERVED
 CVE-2013-6307 (Cross-site scripting (XSS) vulnerability in IBM Security QRadar 
SIEM ...)
-       TODO: check
+       NOT-FOR-US: IBM Security QRadar SIEM
 CVE-2013-6306
        RESERVED
 CVE-2013-6305
@@ -3475,7 +3475,7 @@
 CVE-2013-5449
        RESERVED
 CVE-2013-5448 (Cross-site scripting (XSS) vulnerability in the Right Click 
Plugin ...)
-       TODO: check
+       NOT-FOR-US: IBM Security QRadar SIEM
 CVE-2013-5447
        RESERVED
 CVE-2013-5446 (The console on IBM WebSphere DataPower XC10 appliances 2.1.0 
and 2.5.0 ...)
@@ -10033,7 +10033,7 @@
 CVE-2013-2819
        RESERVED
 CVE-2013-2818 (The DNP Master Driver in Alstom e-terracontrol 3.5, 3.6, and 
3.7 ...)
-       TODO: check
+       NOT-FOR-US: e-terracontrol
 CVE-2013-2817
        RESERVED
 CVE-2013-2816
@@ -10775,7 +10775,8 @@
 CVE-2013-2506 (app/models/spree/user.rb in spree_auth_devise in Spree 1.1.x 
before ...)
        NOT-FOR-US: Spree 
 CVE-2012-6535 (DjVuLibre before 3.5.25.3, as used in Evince, Sumatra PDF 
Reader, ...)
-       TODO: check
+       - djvulibre 3.5.25.3-1
+       NOTE: evince doesnt use an embedded version of this
 CVE-2013-2505
        RESERVED
 CVE-2013-2504
@@ -15197,8 +15198,7 @@
 CVE-2013-1062 (ubuntu-system-service 0.2.4 before 0.2.4.1. 0.2.3 before 
0.2.3.1, and ...)
        NOT-FOR-US: ubuntu-system-service
 CVE-2013-1061 (dbus/SoftwarePropertiesDBus.py in Software Properties 0.92.17 
before ...)
-       - software-properties <unfixed>
-       TODO: check
+       - software-properties 0.92.18 (low)
 CVE-2013-1060 (A certain Ubuntu build procedure for perf, as distributed in 
the Linux ...)
        NOT-FOR-US: Ubuntu packaging specific
 CVE-2013-1059 (net/ceph/auth_none.c in the Linux kernel through 3.10 allows 
remote ...)
@@ -33977,7 +33977,7 @@
 CVE-2012-0428 (Cross-site scripting (XSS) vulnerability in NetIQ eDirectory 
8.8.6.x ...)
        NOT-FOR-US: NetIQ eDirectory
 CVE-2012-0427 (yast2-add-on-creator in SUSE inst-source-utils 2008.11.26 
before ...)
-       TODO: check
+       NOT-FOR-US: inst-source-utils
 CVE-2012-0426 (Race condition in sap_suse_cluster_connector before 1.0.0-0.8.1 
in ...)
        NOT-FOR-US: SUSE Linux Enterprise for SAP Applications
 CVE-2012-0425 (LanItems.ycp in save_y2logs in yast2-network before 2.24.4 in 
SUSE ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to