Author: joeyh
Date: 2013-09-25 21:14:33 +0000 (Wed, 25 Sep 2013)
New Revision: 23783
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2013-09-25 21:06:10 UTC (rev 23782) +++ data/CVE/list 2013-09-25 21:14:33 UTC (rev 23783) @@ -1,3 +1,11 @@ +CVE-2013-5936 (The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before ...) + TODO: check +CVE-2013-5935 (The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before ...) + TODO: check +CVE-2013-5934 (Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before ...) + TODO: check +CVE-2013-5933 (Stack-based buffer overflow in the sub_E110 function in init in a ...) + TODO: check CVE-2013-5932 (Unspecified vulnerability in WebAdmin in Sophos UTM (aka Astaro ...) NOT-FOR-US: Sophos UTM CVE-2013-5931 (SQL injection vulnerability in property_listings_detail.php in Real ...) @@ -362,8 +370,8 @@ RESERVED CVE-2013-5751 (Directory traversal vulnerability in SAP NetWeaver 7.x allows remote ...) NOT-FOR-US: SAP NetWeaver 7.x -CVE-2013-5750 - RESERVED +CVE-2013-5750 (The login form in the FriendsOfSymfony FOSUserBundle bundle before ...) + TODO: check CVE-2013-5749 RESERVED CVE-2013-5748 @@ -772,8 +780,7 @@ RESERVED CVE-2013-5590 RESERVED -CVE-2013-5634 - RESERVED +CVE-2013-5634 (arch/arm/kvm/arm.c in the Linux kernel before 3.10 on the ARM ...) - linux <unfixed> [wheezy] - linux <not-affected> (KVM for arm introduced in 3.9) - linux-2.6 <not-affected> (KVM for arm introduced in 3.9) @@ -1240,8 +1247,8 @@ RESERVED CVE-2013-5374 RESERVED -CVE-2013-5373 - RESERVED +CVE-2013-5373 (The RemoteClient component in IBM Rational ClearCase 8.0.0.03 through ...) + TODO: check CVE-2013-5372 RESERVED CVE-2013-5371 @@ -1590,8 +1597,7 @@ RESERVED CVE-2013-5201 RESERVED -CVE-2013-5200 - RESERVED +CVE-2013-5200 (The (1) REST and (2) memcache interfaces in the Hazelcast cluster API ...) - open-xchange <itp> (bug #269329) CVE-2013-5199 RESERVED 
@@ -1759,8 +1765,8 @@ NOT-FOR-US: PHPFox CVE-2013-5119 (Zimbra Collaboration Suite (ZCS) 6.0.16 and earlier allows ...) NOT-FOR-US: Zimbra Collaboration Suite -CVE-2013-5118 - RESERVED +CVE-2013-5118 (Cross-site scripting (XSS) vulnerability in the Good for Enterprise ...) + TODO: check CVE-2013-5117 RESERVED CVE-2013-5116 @@ -2515,8 +2521,8 @@ NOT-FOR-US: Siemens Enterprise OpenScape CVE-2013-4778 (core/getLog.php on the Siemens Enterprise OpenScape Branch appliance ...) NOT-FOR-US: Siemens Enterprise OpenScape -CVE-2013-4777 - RESERVED +CVE-2013-4777 (A certain configuration of Android 2.3.7 on the Motorola Defy XT phone ...) + TODO: check CVE-2013-4776 RESERVED CVE-2013-4775 @@ -3479,8 +3485,7 @@ - gnupg2 <unfixed> (low; bug #722724) [squeeze] - gnupg2 <no-dsa> (Minor issue) [wheezy] - gnupg2 <no-dsa> (Minor issue) -CVE-2013-4350 [net: sctp: ipv6 ipsec encryption bug in sctp_v6_xmit] - RESERVED +CVE-2013-4350 (The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel ...) - linux-2.6 <removed> - linux <unfixed> NOTE: http://www.openwall.com/lists/oss-security/2013/09/13/2 @@ -3510,8 +3515,7 @@ - linux <unfixed> CVE-2013-4344 RESERVED -CVE-2013-4343 - RESERVED +CVE-2013-4343 (Use-after-free vulnerability in drivers/net/tun.c in the Linux kernel ...) - linux <unfixed> [wheezy] - linux <not-affected> (Introduced in 3.8) - linux-2.6 <not-affected> (Introduced in 3.8) @@ -3643,8 +3647,7 @@ - mediawiki 1:1.19.8+dfsg-1 (unimportant) NOTE: Full path disclosure irrelevant in Debian NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=46332 -CVE-2013-4300 - RESERVED +CVE-2013-4300 (The scm_check_creds function in net/core/scm.c in the Linux kernel ...) - linux <unfixed> [wheezy] - linux <not-affected> (Not exploitable by unprivileged users in 3.2) - linux-2.6 <not-affected> (Not exploitable by unprivileged users in 2.6.32) 
@@ -3660,6 +3663,7 @@ NOTE: Introduced with 8aabd597b379db5ae1655e36dff4f10d5622830a, 1.0.6 CVE-2013-4296 [libvirt remote crash] RESERVED + {DSA-2764-1} - libvirt <unfixed> [squeeze] - libvirt <not-affected> (Vulnerable code not present, introduced by commit 158ba8730e44b7dd07a21ab90499996c5dec080a) NOTE: http://libvirt.org/git/?p=libvirt.git;a=commit;h=158ba8730e44b7dd07a21ab90499996c5dec080a @@ -4531,14 +4535,14 @@ RESERVED CVE-2013-4026 RESERVED -CVE-2013-4025 - RESERVED -CVE-2013-4024 - RESERVED +CVE-2013-4025 (IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager ...) + TODO: check +CVE-2013-4024 (IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager ...) + TODO: check CVE-2013-4023 RESERVED -CVE-2013-4022 - RESERVED +CVE-2013-4022 (IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager ...) + TODO: check CVE-2013-4021 RESERVED CVE-2013-4020 @@ -9134,8 +9138,7 @@ CVE-2013-2141 (The do_tkill function in kernel/signal.c in the Linux kernel before ...) - linux-2.6 <removed> - linux 3.9.4-1 -CVE-2013-2140 [xen/blkback: Check device permissions before allowing OP_DISCARD] - RESERVED +CVE-2013-2140 (The dispatch_discard_io function in ...) - linux-2.6 <not-affected> (Vulnerable code not present) - linux 3.10.1-1 [wheezy] - linux <not-affected> (Vulnerable code not present) @@ -10701,6 +10704,7 @@ - icedove <not-affected> (Windows-specific) - iceape <not-affected> (Windows-specific) CVE-2013-1705 (Heap-based buffer underflow in the cryptojs_interpret_key_gen_type ...) + {DSA-2762-1} - iceweasel 23.0-1 - iceape <unfixed> TODO: check @@ -12438,8 +12442,8 @@ NOT-FOR-US: ubuntu-system-service CVE-2013-1061 RESERVED -CVE-2013-1060 - RESERVED +CVE-2013-1060 (A certain Ubuntu build procedure for perf, as distributed in the Linux ...) + TODO: check CVE-2013-1059 (net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote ...) {DSA-2745-1} - linux 3.10.1-1 (low) 
@@ -21876,10 +21880,10 @@ TODO: check CVE-2012-4088 RESERVED -CVE-2012-4087 (A setup script for fabric interconnect devices in Cisco Unified ...) +CVE-2012-4087 (A cluster setup script for fabric interconnect devices in Cisco ...) TODO: check -CVE-2012-4086 - RESERVED +CVE-2012-4086 (A setup script for fabric interconnect devices in Cisco Unified ...) + TODO: check CVE-2012-4085 (The Intelligent Platform Management Interface (IPMI) implementation in ...) TODO: check CVE-2012-4084 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
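Review bot: The three Open-Xchange AppSuite entries added in the @@ -1,3 +1,11 @@ hunk (CVE-2013-5936, CVE-2013-5935, CVE-2013-5934) are left at "TODO: check", while CVE-2013-5200 in the @@ -1590,8 +1597,7 @@ hunk, which also concerns the Hazelcast cluster API, is already triaged as "- open-xchange <itp> (bug #269329)". Suggest giving the new entries the same package line so that all Open-Xchange issues are tracked against the one ITP instead of sitting in the untriaged queue.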
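Review bot: In the @@ -772,8 +780,7 @@ hunk, the description now attached to CVE-2013-5634 says the issue affects the Linux kernel "before 3.10", yet the entry still carries "- linux <unfixed>". Other entries in this file already record "linux 3.10.1-1" as a fixed version (CVE-2013-2140, CVE-2013-1059), so the status looks stale. Suggest confirming that the fix is in the uploaded 3.10 package and replacing <unfixed> with that version; the wheezy and linux-2.6 <not-affected> lines can stay as they are.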
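Review bot: In the @@ -10701,6 +10704,7 @@ hunk, CVE-2013-1705 gains the {DSA-2762-1} reference but the entry keeps its trailing "TODO: check" next to "- iceape <unfixed>". An entry that already has a DSA and a fixed iceweasel version should not remain in the untriaged queue. Suggest resolving the TODO by recording the remaining iceape status explicitly (and icedove, if it applies) and then dropping the "TODO: check" line.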