Author: aw-guest
Date: 2014-01-12 20:56:21 +0000 (Sun, 12 Jan 2014)
New Revision: 25171
Modified: data/CVE/list Log: CVE-2013-4357 unimportant? CVE-2013-4237 CVE-2013-4332 CVE-2013-4458 CVE-2013-4387 fixed in point update CVE-2013-6383 fixed in 3.11.8-1 CVE-2013-1741, CVE-2013-5606 bug reported Modified: data/CVE/list =================================================================== --- data/CVE/list 2014-01-12 15:47:15 UTC (rev 25170) +++ data/CVE/list 2014-01-12 20:56:21 UTC (rev 25171) @@ -4375,7 +4375,7 @@ - ceilometer 2013.2-4 (bug #730227) CVE-2013-6383 (The aac_compat_ioctl function in drivers/scsi/aacraid/linit.c in the ...) - linux-2.6 <removed> - - linux <unfixed> + - linux 3.11.8-1 NOTE: http://git.kernel.org/linus/f856567b930dfcdbc3323261bf77240ccdde01f5 CVE-2013-6382 (Multiple buffer underflows in the XFS implementation in the Linux ...) - linux-2.6 <removed> (low) @@ -6232,7 +6232,7 @@ {DSA-2820-1} - nspr 2:4.10.2-1 CVE-2013-5606 (The CERT_VerifyCert function in lib/certhigh/certvfy.c in Mozilla ...) - - nss 2:3.15.3-1 + - nss 2:3.15.3-1 (bug #735105) CVE-2013-5605 (Mozilla Network Security Services (NSS) 3.14 before 3.14.5 and 3.15 ...) {DSA-2800-1} - nss 2:3.15.3-1 @@ -8552,6 +8552,8 @@ CVE-2013-4592 (Memory leak in the __kvm_set_memory_region function in ...) - linux 3.8-1 - linux-2.6 <removed> + [wheezy] - linux 3.2.53-1 + NOTE: fixed in point update CVE-2013-4591 (Buffer overflow in the __nfs4_get_acl_uncached function in ...) - linux 3.8-1 [wheezy] - linux <not-affected> (Introduced in 3.6) @@ -8992,7 +8994,7 @@ - lightdm <not-affected> (Only in combination with guest profile, apparmor and 1.8.x branch) CVE-2013-4458 (Stack-based buffer overflow in the getaddrinfo function in ...) - eglibc <unfixed> (low; bug #727181) - [wheezy] - eglibc <no-dsa> (Minor issue) + [wheezy] - eglibc 2.13-38+deb7u1 [squeeze] - eglibc <no-dsa> (Minor issue) NOTE: https://sourceware.org/ml/libc-alpha/2013-10/msg00733.html NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=16072 
@@ -9231,6 +9233,7 @@ CVE-2013-4387 (net/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not ...) - linux-2.6 <removed> - linux 3.11.5-1 + [wheezy] - linux 3.2.53-2 CVE-2013-4386 (Multiple SQL injection vulnerabilities in ...) - foreman <itp> (bug #663101) CVE-2013-4385 (Buffer overflow in the "read-string!" procedure in the "extras" unit ...) @@ -9333,6 +9336,7 @@ RESERVED - eglibc <unfixed> NOTE: http://sourceware.org/bugzilla/show_bug.cgi?id=12671 + NOTE: unimportant? CVE-2013-4356 (Xen 4.3.x writes hypervisor mappings to certain shadow pagetables when ...) - xen <unfixed> [wheezy] - xen <not-affected> (Only affects 4.3+) @@ -9431,7 +9435,7 @@ NOT-FOR-US: OpenPNE CVE-2013-4332 (Multiple integer overflows in malloc/malloc.c in the GNU C Library ...) - eglibc 2.17-93 (bug #722536) - [wheezy] - eglibc <no-dsa> (Will be fixed in point update) + [wheezy] - eglibc 2.13-38+deb7u1 CVE-2013-4331 [incorrect .Xauthority permissions] RESERVED - lightdm 1.6.2-1 (bug #721744) @@ -9753,7 +9757,7 @@ NOTE: https://bugs.mageia.org/show_bug.cgi?id=10989 CVE-2013-4237 (sysdeps/posix/readdir_r.c in the GNU C Library (aka glibc or libc6) ...) - eglibc 2.17-94 (bug #719558) - [wheezy] - eglibc <no-dsa> (Will be fixed in point update) + [wheezy] - eglibc 2.13-38+deb7u1 NOTE: http://sourceware.org/bugzilla/show_bug.cgi?id=14699 NOTE: http://sourceware.org/ml/libc-alpha/2013-05/msg00445.html CVE-2013-4236 (VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged ...) 
@@ -16485,7 +16489,7 @@ - bugzilla4 <itp> (bug #669643) NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=924802 CVE-2013-1741 (Integer overflow in Mozilla Network Security Services (NSS) 3.15 ...) - - nss 2:3.15.3-1 + - nss 2:3.15.3-1 (bug #735105) NOTE: https://hg.mozilla.org/projects/nss/rev/612d7d1eb9e7 CVE-2013-1740 RESERVED _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
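Review bot: In the @@ -8552,6 +8552,8 @@ hunk (CVE-2013-4592) the added "[wheezy] - linux 3.2.53-1" line sits below "- linux-2.6 <removed>" rather than directly under the "- linux 3.8-1" line it qualifies. The neighbouring CVE-2013-4591 entry keeps its "[wheezy] - linux" line immediately after "- linux 3.8-1", so move the new line up to match. CVE-2013-4592 is also missing from the commit log, and "NOTE: fixed in point update" repeats what the version already records; the eglibc hunks in this same commit drop that wording once the version is filled in.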
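Review bot: In the @@ -8992,7 +8994,7 @@ hunk (CVE-2013-4458) the [wheezy] line now carries a fixed version, 2.13-38+deb7u1, while the unstable line of the same entry still reads "- eglibc <unfixed> (low; bug #727181)" and [squeeze] stays "<no-dsa> (Minor issue)". Please confirm that the wheezy upload really contains the getaddrinfo fix; if it does, a NOTE saying that stable is ahead of unstable here would stop the next reader from treating the entry as a typo.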
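Review bot: The "NOTE: unimportant?" added in the @@ -9333,6 +9336,7 @@ hunk (CVE-2013-4357 according to the log) records an open question without the reasoning behind it, and the entry itself stays "- eglibc <unfixed>" with no severity. Either say in the note why the issue might be unimportant, or settle the question and tag the <unfixed> line accordingly, so that the question mark does not linger in the list.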
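Review bot: In the @@ -6232,7 +6232,7 @@ hunk (CVE-2013-5606) and again in @@ -16485,7 +16489,7 @@ (CVE-2013-1741), bug #735105 is attached to a line that already lists 2:3.15.3-1 as the fixed version, so it is not clear from the entry what the bug is still tracking. If it was filed for a release that remains affected, add a release-tagged line or a NOTE saying so next to the bug reference.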