[Secure-testing-commits] r26905 - data/CVE

Raphael Geissert Tue, 13 May 2014 01:17:06 -0700

Author: atomo64-guest
Date: 2014-05-13 08:16:39 +0000 (Tue, 13 May 2014)
New Revision: 26905


Modified:
   data/CVE/list
Log:
foreman itp


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2014-05-13 05:14:52 UTC (rev 26904)
+++ data/CVE/list       2014-05-13 08:16:39 UTC (rev 26905)
@@ -27736,7 +27736,7 @@
        - libarchive 3.0.4-3 (bug #703957)
        [squeeze] - libarchive <not-affected> (Vulnerable code not present)
 CVE-2013-0210 (The smart proxy Puppet run API in Foreman before 1.2.0 allows 
remote ...)
-       TODO: check
+       - foreman <itp> (bug #663101)
 CVE-2013-0209 (lib/MT/Upgrade.pm in mt-upgrade.cgi in Movable Type 4.2x and 
4.3x ...)
        {DSA-2611-1}
        - movabletype-opensource 5.1.2+dfsg-1 (bug #697666)
@@ -27866,15 +27866,15 @@
        - ruby-multi-xml <not-affected> (Vulnerable version never in the 
archive)
        NOTE: fixed in https://rubygems.org/gems/multi_xml/versions/0.5.2
 CVE-2013-0174 (The external node classifier (ENC) API in Foreman before 1.1 
allows ...)
-       TODO: check
+       - foreman <itp> (bug #663101)
 CVE-2013-0173 (Foreman before 1.1 uses a salt of &quot;foreman&quot; to hash 
root passwords, ...)
-       TODO: check
+       - foreman <itp> (bug #663101)
 CVE-2013-0172 (Samba 4.0.x before 4.0.1, in certain Active Directory ...)
        - samba4 4.0.0~beta2+dfsg1-3.1 (high; bug #699188)
        - samba <not-affected> (Only affects Active Directory functionality)
        NOTE: 
https://lists.samba.org/archive/samba-technical/2013-January/089911.html
 CVE-2013-0171 (Foreman before 1.1 allows remote attackers to execute arbitrary 
code ...)
-       TODO: check
+       - foreman <itp> (bug #663101)
 CVE-2013-0170 (Use-after-free vulnerability in the virNetMessageFree function 
in ...)
        - libvirt 0.9.12-6 (bug #699224)
        [squeeze] - libvirt <not-affected> (Vulnerable code not present, see 
bug #699224)
@@ -30579,7 +30579,7 @@
 CVE-2012-5478 (The AuthorizationInterceptor in JBoss Enterprise Application 
Platform ...)
        - jbossas4 <not-affected> (Only builds a few libraries, not the full 
application server, #581226)
 CVE-2012-5477 (The smart proxy in Foreman before 1.1 uses a umask set to 0, 
which ...)
-       TODO: check
+       - foreman <itp> (bug #663101)
 CVE-2012-5476
        RESERVED
        - horizon <not-affected> (File is installed with 0700 perms in Debian)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r26905 - data/CVE

Reply via email to