[Secure-testing-commits] r21625 - data/CVE

Joey Hess Thu, 14 Mar 2013 14:14:34 -0700

Author: joeyh
Date: 2013-03-14 21:14:25 +0000 (Thu, 14 Mar 2013)
New Revision: 21625


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2013-03-14 21:10:02 UTC (rev 21624)
+++ data/CVE/list       2013-03-14 21:14:25 UTC (rev 21625)
@@ -1,3 +1,17 @@
+CVE-2013-2565
+       RESERVED
+CVE-2013-2564
+       RESERVED
+CVE-2013-2563
+       RESERVED
+CVE-2013-2562
+       RESERVED
+CVE-2013-2561
+       RESERVED
+CVE-2013-2560
+       RESERVED
+CVE-2013-2559
+       RESERVED
 CVE-2013-2558 (Unspecified vulnerability in Microsoft Windows 8 allows remote 
...)
        NOT-FOR-US: Windows 8
 CVE-2013-2557 (The sandbox protection mechanism in Microsoft Internet Explorer 
9 ...)
@@ -146,6 +160,7 @@
 CVE-2013-2489
        RESERVED
 CVE-2013-2488 (The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x 
before ...)
+       {DSA-2644-1}
        - wireshark 1.8.2-5
        NOTE: http://www.wireshark.org/security/wnpa-sec-2013-22.html
        NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8380
@@ -171,11 +186,13 @@
        NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
        NOTE: Not suitable for code injection
 CVE-2013-2484 (The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x 
before ...)
+       {DSA-2644-1}
        - wireshark 1.8.2-5
        NOTE: http://www.wireshark.org/security/wnpa-sec-2013-19.html
        NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8346
        NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
 CVE-2013-2483 (The acn_add_dmp_data function in epan/dissectors/packet-acn.c 
in the ...)
+       {DSA-2644-1}
        - wireshark 1.8.2-5 (unimportant)
        NOTE: http://www.wireshark.org/security/wnpa-sec-2013-18.html
        NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8340
@@ -188,12 +205,14 @@
        NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
        NOTE: Not suitable for code injection
 CVE-2013-2481 (Integer signedness error in the dissect_mount_dirpath_call 
function in ...)
+       {DSA-2644-1}
        - wireshark 1.8.2-5 (unimportant)
        NOTE: http://www.wireshark.org/security/wnpa-sec-2013-16.html
        NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8335
        NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
        NOTE: Not suitable for code injection
 CVE-2013-2480 (The RTPS and RTPS2 dissectors in Wireshark 1.6.x before 1.6.14 
and ...)
+       {DSA-2644-1}
        - wireshark 1.8.2-5
        NOTE: http://www.wireshark.org/security/wnpa-sec-2013-15.html
        NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8332
@@ -206,6 +225,7 @@
        NOTE: Versions affected: 1.8.0 to 1.8.5
        NOTE: Not suitable for code injection
 CVE-2013-2478 (The dissect_server_info function in 
epan/dissectors/packet-ms-mms.c in ...)
+       {DSA-2644-1}
        - wireshark 1.8.2-5
        NOTE: http://www.wireshark.org/security/wnpa-sec-2013-13.html
        NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8382
@@ -1607,8 +1627,7 @@
        - mediawiki 1:1.19.4-1
 CVE-2013-1815
        RESERVED
-CVE-2013-1814
-       RESERVED
+CVE-2013-1814 (The users/get program in the User RPC API in Apache Rave 0.11 
through ...)
        NOT-FOR-US: Apache Rave
 CVE-2013-1813 [busybox insecure subdir creation under /dev]
        RESERVED
@@ -2495,8 +2514,7 @@
        NOTE: There was a RFP long time ago, bug #203818
        NOTE: https://www.htbridge.com/advisory/HTB23143
        NOT-FOR-US: Geeklog
-CVE-2013-1469 [Path Traversal in Piwigo]
-       RESERVED
+CVE-2013-1469 (Directory traversal vulnerability in install.php in Piwigo 
before ...)
        - piwigo <removed>
        NOTE: https://www.htbridge.com/advisory/HTB23144
 CVE-2013-1468 (Cross-site request forgery (CSRF) vulnerability in the 
LocalFiles ...)
@@ -5474,8 +5492,7 @@
 CVE-2013-0313 (The evm_update_evmxattr function in ...)
        - linux <unfixed>
        - linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2013-0312 [unauthenticated denial of service vulnerability in handling of 
LDAPv3 control data]
-       RESERVED
+CVE-2013-0312 (389 Directory Server before 1.3.0.4 allows remote attackers to 
cause a ...)
        - 389-ds-base 1.3.0.3-1 
 CVE-2013-0311 (The translate_desc function in drivers/vhost/vhost.c in the 
Linux ...)
        - linux <unfixed>


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r21625 - data/CVE

Reply via email to