[Secure-testing-commits] r21904 - data/CVE

Joey Hess joeyh at alioth.debian.org
Tue Apr 9 21:14:28 UTC 2013 

Author: joeyh
Date: 2013-04-09 21:14:28 +0000 (Tue, 09 Apr 2013)
New Revision: 21904

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-04-09 20:03:06 UTC (rev 21903)
+++ data/CVE/list	2013-04-09 21:14:28 UTC (rev 21904)
@@ -1,3 +1,9 @@
+CVE-2013-2778 (Cross-site request forgery (CSRF) vulnerability in ...)
+	TODO: check
+CVE-2013-2777 (sudo before 1.7.10p5 and 1.8.x before 1.8.6p6, when the tty_tickets ...)
+	TODO: check
+CVE-2013-2776 (sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on ...)
+	TODO: check
 CVE-2013-2775
 	RESERVED
 CVE-2013-2774
@@ -1904,6 +1910,7 @@
 	NOT-FOR-US: WordPress plugin
 CVE-2013-1915 [Vulnerable to XXE attacks]
 	RESERVED
+	{DSA-2659-1}
 	- modsecurity-apache 2.6.6-6 (bug #704625)
 	- libapache-mod-security <removed>
 	NOTE: https://github.com/SpiderLabs/ModSecurity/commit/d4d80b38aa85eccb26e3c61b04d16e8ca5de76fe
@@ -2343,8 +2350,7 @@
 	NOT-FOR-US: Drupal addon
 CVE-2013-1777
 	RESERVED
-CVE-2013-1776
-	RESERVED
+CVE-2013-1776 (sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the ...)
 	{DSA-2642-1}
 	- sudo 1.8.5p2-1+nmu1 (bug #701839)
 CVE-2013-1775 (sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows ...)
@@ -6681,16 +6687,15 @@
 	RESERVED
 CVE-2013-0136
 	RESERVED
-CVE-2013-0135
-	RESERVED
-CVE-2013-0134
-	RESERVED
+CVE-2013-0135 (Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow ...)
+	TODO: check
+CVE-2013-0134 (Cross-site scripting (XSS) vulnerability in the web interface in ...)
+	TODO: check
 CVE-2013-0133
 	RESERVED
 CVE-2013-0132
 	RESERVED
-CVE-2013-0131 [NVIDIA UNIX GPU Driver ARGB Cursor Buffer Overflow in "NoScanout" Mode]
-	RESERVED
+CVE-2013-0131 (Buffer overflow in the NVIDIA GPU driver before 304.88, 310.x before ...)
 	- nvidia-graphics-drivers 304.88-1 (bug #704547)
 	[wheezy] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
 	[squeeze] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -6733,12 +6738,12 @@
 	NOT-FOR-US: Nuance PDF Reader
 CVE-2013-0112
 	RESERVED
-CVE-2013-0111
-	RESERVED
-CVE-2013-0110
-	RESERVED
-CVE-2013-0109
-	RESERVED
+CVE-2013-0111 (daemonu.exe (aka the NVIDIA Update Service Daemon), as distributed ...)
+	TODO: check
+CVE-2013-0110 (nvSCPAPISvr.exe in the NVIDIA Stereoscopic 3D Driver service, as ...)
+	TODO: check
+CVE-2013-0109 (The NVIDIA driver before 307.78, and Release 310 before 311.00, in the ...)
+	TODO: check
 CVE-2013-0108 (An ActiveX control in HscRemoteDeploy.dll in Honeywell Enterprise ...)
 	NOT-FOR-US: Honeywell
 CVE-2013-0107 (Stack-based buffer overflow in Foxit Advanced PDF Editor 3 before 3.04 ...)

More information about the Secure-testing-commits mailing list