Author: aw-guest
Date: 2014-04-18 10:01:34 +0000 (Fri, 18 Apr 2014)
New Revision: 26609
Modified:
data/CVE/list
Log:
CVE-2013-7270, CVE-2013-7263 fixed in stable
CVE-2014-2568 stable/oldstable not affected
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-04-18 09:14:13 UTC (rev 26608)
+++ data/CVE/list 2014-04-18 10:01:34 UTC (rev 26609)
@@ -1015,6 +1015,8 @@
CVE-2014-2568 (Use-after-free vulnerability in the nfqnl_zcopy function in ...)
- linux 3.13.7-1
- linux-2.6 <removed>
+ [wheezy] - linux <not-affected> (Introduced in 3.10 commit ae08ce002108)
+ [squeeze] - linux <not-affected> (Introduced in 3.10 commit
ae08ce002108)
NOTE: Upstream path: https://lkml.org/lkml/2014/3/20/421
CVE-2014-2567 (The OpenConnectionTask::handleStateHelper function in ...)
NOT-FOR-US: Trojita
@@ -4974,6 +4976,7 @@
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport)
- linux 3.12.6-1
+ [wheezy] - linux 3.2.54-1
NOTE: upstream fix:
https://git.kernel.org/linus/f3d3342602f8bcbf37d7c46641cb9bca7618eb1c
NOTE: included in
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4
CVE-2013-7269 (The nr_recvmsg function in net/netrom/af_netrom.c in the Linux
kernel ...)
@@ -5386,6 +5389,7 @@
{DSA-2906-1}
- linux-2.6 <removed> (low)
- linux 3.12.6-1 (low)
+ [wheezy] - linux 3.2.54-1 (low)
CVE-2013-7251 (Multiple cross-site request forgery (CSRF) vulnerabilities in
...)
NOT-FOR-US: ProjectForge
CVE-2013-7250 (Cross-site scripting (XSS) vulnerability in the JsonBuilder ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
