Author: jmm
Date: 2013-12-12 06:03:30 +0000 (Thu, 12 Dec 2013)
New Revision: 24698
Modified:
data/CVE/list
Log:
ack-grep, uscan CVEfied
horde Suse-specific
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-12-11 22:16:32 UTC (rev 24697)
+++ data/CVE/list 2013-12-12 06:03:30 UTC (rev 24698)
@@ -1,9 +1,9 @@
-CVE-2013-XXXX [uscan: arbitrary code execution]
+CVE-2013-7050 [uscan: arbitrary code execution]
- devscripts 2.13.8 (bug #731849)
[wheezy] - devscripts <not-affected> (does not contain the vulnerable
code; introduced in 2.13.5)
[squeeze] - devscripts <not-affected> (does not contain the vulnerable
code; introduced in 2.13.5)
NOTE:
http://anonscm.debian.org/gitweb/?p=collab-maint/devscripts.git;a=commitdiff;h=91f05b5
-CVE-2013-XXXX [remote code execution via per-project .ackrc files]
+CVE-2013-7069 [remote code execution via per-project .ackrc files]
- ack-grep 2.12-1 (bug #731848)
[wheezy] - ack-grep <not-affected> (don't support per-project .ackrc
files)
[squeeze] - ack-grep <not-affected> (don't support per-project .ackrc
files)
@@ -16288,9 +16288,8 @@
CVE-2013-1091 (Stack-based buffer overflow in Novell iPrint Client before 5.90
allows ...)
NOT-FOR-US: Novell iPrint Client
CVE-2013-1090 (The SUSE horde5 package before 5.0.2-2.4.1 sets incorrect
ownership ...)
- - php-horde <undetermined>
+ - php-horde <not-affected> (SuSE specific packaging flaw)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=811369
- TODO: check if SuSE specific
CVE-2013-1089
RESERVED
CVE-2013-1088 (Cross-site request forgery (CSRF) vulnerability in Novell
iManager 2.7 ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
