[Secure-testing-commits] r21890 - data/CVE

Michael Gilbert mgilbert at alioth.debian.org
Mon Apr 8 02:41:33 UTC 2013 

Author: mgilbert
Date: 2013-04-08 02:41:33 +0000 (Mon, 08 Apr 2013)
New Revision: 21890

Modified:
   data/CVE/list
Log:
some bugs reported

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-04-08 02:41:19 UTC (rev 21889)
+++ data/CVE/list	2013-04-08 02:41:33 UTC (rev 21890)
@@ -1974,7 +1974,7 @@
 	RESERVED
 CVE-2013-1884 [DoS (crash) via malformed log REPORT requests]
 	RESERVED
-	- subversion <unfixed>
+	- subversion <unfixed> (bug #704940)
 	NOTE: http://subversion.apache.org/security/CVE-2013-1884-advisory.txt
 CVE-2013-1883 [mantis: remote DoS]
 	RESERVED
@@ -2096,9 +2096,8 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2013/03/14/8
 CVE-2013-1849 [Subversion (mod_dav_svn): DoS (crash) via PROPFIND request made against activity URLs]
 	RESERVED
-	- subversion <unfixed>
+	- subversion <unfixed> (bug #704940)
 	NOTE: http://seclists.org/fulldisclosure/2013/Mar/56
-	TODO: check and report to BTS
 CVE-2013-1848 (fs/ext3/super.c in the Linux kernel before 3.8.4 uses incorrect ...)
 	- linux 3.2.41-1
 	- linux-2.6 <removed>
@@ -2106,15 +2105,15 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2013/03/20/8
 CVE-2013-1847 [DoS (crash) via LOCK requests against a non-existent URL]
 	RESERVED
-	- subversion <unfixed>
+	- subversion <unfixed> (bug #704940)
 	NOTE: http://subversion.apache.org/security/CVE-2013-1847-advisory.txt
 CVE-2013-1846 [DoS (crash) via LOCK requests against an activity URL]
 	RESERVED
-	- subversion <unfixed>
+	- subversion <unfixed> (bug #704940)
 	NOTE: http://subversion.apache.org/security/CVE-2013-1846-advisory.txt
 CVE-2013-1845 [DoS (excessive memory use) when large number of properties are set or deleted]
 	RESERVED
-	- subversion <unfixed>
+	- subversion <unfixed> (bug #704940)
 	NOTE: http://subversion.apache.org/security/CVE-2013-1845-advisory.txt
 CVE-2013-1844 (Cross-site scripting (XSS) vulnerability in Piwik before 1.11 allows ...)
 	- piwik <itp> (bug #506933)
@@ -8721,8 +8720,7 @@
 	RESERVED
 CVE-2012-5635 [GlusterFS: insecure temporary file creation]
 	RESERVED
-	- glusterfs <undetermined>
-	TODO: check
+	- glusterfs <undetermined> (bug #704944)
 CVE-2012-5634 (Xen 4.2.x, 4.1.x, and 4.0, when using Intel VT-d for PCI passthrough, ...)
 	{DSA-2636-1}
 	- xen 4.1.3-8 (low)
@@ -54402,7 +54400,7 @@
 	- tomcat-native 1.1.18-1
 	[lenny] - tomcat-native <no-dsa> (Minor issue)
 	- gnutls26 <not-affected> (safely handles renegotiation; however support for RFC 5746 would be useful)
-	- polarssl <undetermined>
+	- polarssl <undetermined> (bug #704946)
 	- classpath <removed>
 	- zorp 3.9.2-1
 	[squeeze] - zorp <no-dsa> (Minor issue)

More information about the Secure-testing-commits mailing list