[Secure-testing-commits] r23983 - data

2013-10-12 Thread Salvatore Bonaccorso
Author: carnil
Date: 2013-10-13 06:24:28 + (Sun, 13 Oct 2013)
New Revision: 23983

Modified:
   data/next-oldstable-point-update.txt
Log:
Add various CVEs for zabbix fixed through opu

Modified: data/next-oldstable-point-update.txt
===
--- data/next-oldstable-point-update.txt2013-10-12 21:29:11 UTC (rev 
23982)
+++ data/next-oldstable-point-update.txt2013-10-13 06:24:28 UTC (rev 
23983)
@@ -26,3 +26,15 @@
[squeeze] - pcp 3.3.3-squeeze3
 CVE-2013-4124
[squeeze] - samba 2:3.5.6~dfsg-3squeeze10
+CVE-2013-5743
+   [squeeze] - zabbix 1:1.8.2-1squeeze5
+CVE-2011-3263
+   [squeeze] - zabbix 1:1.8.2-1squeeze5
+CVE-2011-3265
+   [squeeze] - zabbix 1:1.8.2-1squeeze5
+CVE-2011-3264
+   [squeeze] - zabbix 1:1.8.2-1squeeze5
+CVE-2011-3265
+   [squeeze] - zabbix 1:1.8.2-1squeeze5
+CVE-2013-1364
+   [squeeze] - zabbix 1:1.8.2-1squeeze5
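
Review bot: CVE-2011-3265 is added twice in this hunk, once after CVE-2011-3263 and again after CVE-2011-3264, both with the identical `[squeeze] - zabbix 1:1.8.2-1squeeze5` line. If the second occurrence was meant to be a different identifier, correct it; otherwise drop the duplicate pair so each CVE is listed once for the point update. The new entries are also not in a consistent order (2013-5743, then the 2011 ids, then 2013-1364), which makes a duplicate like this harder to spot.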


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits


[Secure-testing-commits] r23982 - data

2013-10-12 Thread Salvatore Bonaccorso
Author: carnil
Date: 2013-10-12 21:29:11 + (Sat, 12 Oct 2013)
New Revision: 23982

Modified:
   data/next-point-update.txt
Log:
Add CVE-2013-4326/rtkit to next stable point release

Modified: data/next-point-update.txt
===
--- data/next-point-update.txt  2013-10-12 15:11:17 UTC (rev 23981)
+++ data/next-point-update.txt  2013-10-12 21:29:11 UTC (rev 23982)
@@ -0,0 +1,2 @@
+CVE-2013-4326
+   [wheezy] - rtkit 0.10-2+wheezy1




[Secure-testing-commits] r23981 - data

2013-10-12 Thread Thijs Kinkhorst
Author: thijs
Date: 2013-10-12 15:11:17 + (Sat, 12 Oct 2013)
New Revision: 23981

Modified:
   data/next-point-update.txt
Log:
no stable upload for nova yet (see #719632)


Modified: data/next-point-update.txt
===
--- data/next-point-update.txt  2013-10-12 15:07:35 UTC (rev 23980)
+++ data/next-point-update.txt  2013-10-12 15:11:17 UTC (rev 23981)
@@ -1,2 +0,0 @@
-CVE-2013-2096
-   [wheezy] - nova 2012.1.1-18+deb7u1




[Secure-testing-commits] r23980 - in data: . CVE

2013-10-12 Thread Thijs Kinkhorst
Author: thijs
Date: 2013-10-12 15:07:35 + (Sat, 12 Oct 2013)
New Revision: 23980

Modified:
   data/CVE/list
   data/next-point-update.txt
Log:
stable point release 7.2


Modified: data/CVE/list
===
--- data/CVE/list   2013-10-12 14:07:36 UTC (rev 23979)
+++ data/CVE/list   2013-10-12 15:07:35 UTC (rev 23980)
@@ -2559,7 +2559,7 @@
RESERVED
- nmap 6.40-0.1 (low; bug #719289)
[squeeze] - nmap  (Vulnerable code not present)
-   [wheezy] - nmap  (Minor issue)
+   [wheezy] - nmap 6.00-0.3+deb7u1
 CVE-2013-4884
RESERVED
 CVE-2013-5217
@@ -3873,7 +3873,7 @@
- linux-2.6  (Introduced in 3.8)
 CVE-2013-4342 (xinetd does not enforce the user and group configuration 
directives ...)
- xinetd 1:2.3.15-2 (bug #324678)
-   [wheezy] - xinetd  (Minor issue)
+   [wheezy] - xinetd 1:2.3.14-7.1+deb7u1
[squeeze] - xinetd  (Minor issue)
 CVE-2013-4341 (Multiple cross-site scripting (XSS) vulnerabilities in Moodle 
through ...)
- moodle 2.5.2-1
@@ -4585,7 +4585,7 @@
- linux-2.6  (Introduced in 3.7)
 CVE-2013-4124 (Integer overflow in the read_nttrans_ea_list function in 
nttrans.c in ...)
- samba 2:3.6.17-1 (low)
-   [wheezy] - samba  (Minor issue)
+   [wheezy] - samba 2:3.6.6-6+deb7u1
[squeeze] - samba  (Minor issue)
- samba4  (low)
[wheezy] - samba4  (Minor issue)
@@ -7361,6 +7361,7 @@
[squeeze] - chromium-browser 
 CVE-2013-2899 (drivers/hid/hid-picolcd_core.c in the Human Interface Device 
(HID) ...)
- linux 3.10.11-1 (low)
+   [wheezy] - linux 3.2.51-1
- linux-2.6  (driver introduced in 2.6.35)
 CVE-2013-2898 (drivers/hid/hid-sensor-hub.c in the Human Interface Device 
(HID) ...)
- linux 3.10.11-1 (low)
@@ -7371,6 +7372,7 @@
- linux-2.6  (driver introduced in 2.6.38)
 CVE-2013-2896 (drivers/hid/hid-ntrig.c in the Human Interface Device (HID) 
subsystem ...)
- linux 3.10.11-1 (low)
+   [wheezy] - linux 3.2.51-1
- linux-2.6  (Vulnerable feature probing code not present)
 CVE-2013-2895 (drivers/hid/hid-logitech-dj.c in the Human Interface Device 
(HID) ...)
- linux  (low)
@@ -7385,6 +7387,7 @@
 CVE-2013-2892 (drivers/hid/hid-pl.c in the Human Interface Device (HID) 
subsystem in ...)
{DSA-2766-1}
- linux 3.10.11-1 (low)
+   [wheezy] - linux 3.2.51-1
- linux-2.6  (low)
 CVE-2013-2891 (drivers/hid/hid-steelseries.c in the Human Interface Device 
(HID) ...)
- linux  (low)
@@ -7400,6 +7403,7 @@
{DSA-2766-1}
- linux 3.10.11-1
- linux-2.6 
+   [wheezy] - linux 3.2.51-1
 CVE-2013-2887 (Multiple unspecified vulnerabilities in Google Chrome before 
...)
{DSA-2741-1}
- chromium-browser 29.0.1547.57-1
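
Review bot: the added `[wheezy] - linux 3.2.51-1` line is placed after `- linux-2.6` in this hunk, while the other hunks in this revision that add the same line (CVE-2013-2899, CVE-2013-2896, CVE-2013-2892) put it directly after `- linux 3.10.11-1` and before `- linux-2.6`. Move it up so it follows the `linux` package line it qualifies and the entry matches its neighbours.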
@@ -9422,6 +9426,7 @@
 CVE-2013-2161 (XML injection vulnerability in account/utils.py in OpenStack 
Swift ...)
{DSA-2737-1}
- swift 1.8.0-6 (low; bug #712202)
+   [wheezy] - swift 1.4.8-2+deb7u1
 CVE-2013-2160 (Apache CXF 2.5.x before 2.5.10, 2.6.x before 2.6.7, and 2.7.x 
before ...)
NOT-FOR-US: Apache CXF
 CVE-2013-2159 [monkey broken authentication]
@@ -9470,7 +9475,7 @@
[wheezy] - linux 3.2.46-1
 CVE-2013-2145 (The cpansign verify functionality in the Module::Signature 
module ...)
- libmodule-signature-perl 0.73-1 (bug #711239)
-   [wheezy] - libmodule-signature-perl  (Minor issue)
+   [wheezy] - libmodule-signature-perl 0.68-1+deb7u1
[squeeze] - libmodule-signature-perl  (Minor issue)
 CVE-2013-2144 (Red Hat Enterprise Virtualization Manager (RHEVM) before 3.2 
does not ...)
NOT-FOR-US: RHEV Manager
@@ -9865,7 +9870,7 @@
RESERVED
- python-httplib2 0.8-2 (low; bug #706602)
[squeeze] - python-httplib2  (Minor issue)
-   [wheezy] - python-httplib2  (Minor issue)
+   [wheezy] - python-httplib2 0.7.4-2+deb7u1
NOTE: http://openwall.com/lists/oss-security/2013/05/01/5
 CVE-2013-2036 (Cross-site scripting (XSS) vulnerability in the Filebrowser 
module ...)
NOT-FOR-US: Drupal module Filebrowser
@@ -9965,7 +9970,7 @@
NOTE: fixed in 2013.1-1 for experimental
 CVE-2013-2013 (The user-password-update command in python-keystoneclient 
before 0.2.4 ...)
- python-keystoneclient 1:0.2.5-1 (bug #709535)
-   [wheezy] - python-keystoneclient  (Minor issue)
+   [wheezy] - python-keystoneclient 2012.1-3+deb7u1
NOTE: https://bugs.launchpad.net/python-keystoneclient/+bug/938315
NOTE: https://review.openstack.org/28702
 CVE-2013-2012 [autojump profile will load random stuff from a directory called 
custom_install]
@@ -11929,7 +11934,7 @@
[wheezy] - perl  (Bug was introduced later)
[squeeze] - perl  (Does not yet contain Module::Metadata)
- libmodule-metadata-perl 1.15-1
-   [wheezy] - libmodule-metadata-perl  (Documentation i

[Secure-testing-commits] r23979 - data/CVE

2013-10-12 Thread Henri Salo
Author: fgeek-guest
Date: 2013-10-12 14:07:36 + (Sat, 12 Oct 2013)
New Revision: 23979

Modified:
   data/CVE/list
Log:
dropbear issue reported

Modified: data/CVE/list
===
--- data/CVE/list   2013-10-12 09:14:25 UTC (rev 23978)
+++ data/CVE/list   2013-10-12 14:07:36 UTC (rev 23979)
@@ -1,3 +1,5 @@
+CVE-2013- [dropbear: avoid disclosing existence of valid users through 
inconsistent delays]
+   - dropbear  (bug #726118)
 CVE-2013-6063
RESERVED
 CVE-2013-6062




[Secure-testing-commits] r23978 - data/CVE

2013-10-12 Thread Joey Hess
Author: joeyh
Date: 2013-10-12 09:14:25 + (Sat, 12 Oct 2013)
New Revision: 23978

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===
--- data/CVE/list   2013-10-12 07:44:51 UTC (rev 23977)
+++ data/CVE/list   2013-10-12 09:14:25 UTC (rev 23978)
@@ -3777,6 +3777,7 @@
RESERVED
 CVE-2013-4365
RESERVED
+   {DSA-2778-1}
- libapache2-mod-fcgid 1:2.3.9-1 (bug #725942)
 CVE-2013-4364
RESERVED




[Secure-testing-commits] r23977 - data/CVE

2013-10-12 Thread Salvatore Bonaccorso
Author: carnil
Date: 2013-10-12 07:44:51 + (Sat, 12 Oct 2013)
New Revision: 23977

Modified:
   data/CVE/list
Log:
Add bugnumber for CVE-2013-4251/python-scipy

Modified: data/CVE/list
===
--- data/CVE/list   2013-10-12 07:23:10 UTC (rev 23976)
+++ data/CVE/list   2013-10-12 07:44:51 UTC (rev 23977)
@@ -4153,7 +4153,7 @@
RESERVED
 CVE-2013-4251 [weave /tmp and current directory issues]
RESERVED
-   - python-scipy 
+   - python-scipy  (bug #726093)
NOTE: 
https://github.com/scipy/scipy/commit/bd296e0336420b840fcd2faabb97084fd252a973
 CVE-2013-4250 [Vulnerable subcomponent: Backend File Upload / File Abstraction 
Layer]
RESERVED




[Secure-testing-commits] r23976 - data/CVE

2013-10-12 Thread Salvatore Bonaccorso
Author: carnil
Date: 2013-10-12 07:23:10 + (Sat, 12 Oct 2013)
New Revision: 23976

Modified:
   data/CVE/list
Log:
Add CVE-2013-4251, python-scipy; concludes external check

Modified: data/CVE/list
===
--- data/CVE/list   2013-10-11 21:55:12 UTC (rev 23975)
+++ data/CVE/list   2013-10-12 07:23:10 UTC (rev 23976)
@@ -4151,8 +4151,10 @@
RESERVED
 CVE-2013-4252
RESERVED
-CVE-2013-4251
+CVE-2013-4251 [weave /tmp and current directory issues]
RESERVED
+   - python-scipy 
+   NOTE: 
https://github.com/scipy/scipy/commit/bd296e0336420b840fcd2faabb97084fd252a973
 CVE-2013-4250 [Vulnerable subcomponent: Backend File Upload / File Abstraction 
Layer]
RESERVED
- typo3  (All versions from 6.0.0 up to the development 
branch of 6.2)

