[Secure-testing-commits] r21978 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Wed Apr 17 21:14:31 UTC 2013
Author: joeyh
Date: 2013-04-17 21:14:31 +0000 (Wed, 17 Apr 2013)
New Revision: 21978
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-04-17 20:32:04 UTC (rev 21977)
+++ data/CVE/list 2013-04-17 21:14:31 UTC (rev 21978)
@@ -1,3 +1,7 @@
+CVE-2013-3080
+ RESERVED
+CVE-2013-3079
+ RESERVED
CVE-2013-XXXX [libxml2: use-after-free htmlParseChunk]
- libxml2 <unfixed>
NOTE: http://www.openwall.com/lists/oss-security/2013/04/17/4
@@ -490,14 +494,14 @@
RESERVED
CVE-2013-2836
RESERVED
-CVE-2013-2835
- RESERVED
-CVE-2013-2834
- RESERVED
-CVE-2013-2833
- RESERVED
-CVE-2013-2832
- RESERVED
+CVE-2013-2835 (Google Chrome OS before 26.0.1410.57 does not properly enforce origin ...)
+ TODO: check
+CVE-2013-2834 (Google Chrome OS before 26.0.1410.57 does not properly enforce origin ...)
+ TODO: check
+CVE-2013-2833 (Use-after-free vulnerability in the O3D plug-in in Google Chrome OS ...)
+ TODO: check
+CVE-2013-2832 (The Buffer::Set function in core/cross/buffer.cc in the O3D plug-in in ...)
+ TODO: check
CVE-2013-2831
RESERVED
CVE-2013-2830
@@ -2487,6 +2491,7 @@
NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-015/
CVE-2013-1940
RESERVED
+ {DSA-2661-1}
- xorg-server 2:1.12.4-6
CVE-2013-1939 [Windows: Local file disclosure]
RESERVED
@@ -3639,52 +3644,48 @@
RESERVED
CVE-2013-1513
RESERVED
-CVE-2013-1512
- RESERVED
+CVE-2013-1512 (Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows ...)
- mysql-5.5 <unfixed>
- mysql-5.1 <removed>
-CVE-2013-1511
- RESERVED
+CVE-2013-1511 (Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and ...)
- mysql-5.5 <unfixed>
- mysql-5.1 <removed>
-CVE-2013-1510
- RESERVED
-CVE-2013-1509
- RESERVED
-CVE-2013-1508
- RESERVED
-CVE-2013-1507
- RESERVED
-CVE-2013-1506
- RESERVED
+CVE-2013-1510 (Unspecified vulnerability in the Siebel UI Framework component in ...)
+ TODO: check
+CVE-2013-1509 (Unspecified vulnerability in the Oracle WebCenter Sites component in ...)
+ TODO: check
+CVE-2013-1508 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
+ TODO: check
+CVE-2013-1507 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
+ TODO: check
+CVE-2013-1506 (Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 ...)
- mysql-5.5 <unfixed>
- mysql-5.1 <removed>
-CVE-2013-1505
- RESERVED
-CVE-2013-1504
- RESERVED
-CVE-2013-1503
- RESERVED
-CVE-2013-1502
- RESERVED
+CVE-2013-1505 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
+ TODO: check
+CVE-2013-1504 (Unspecified vulnerability in the Oracle WebLogic Server component in ...)
+ TODO: check
+CVE-2013-1503 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
+ TODO: check
+CVE-2013-1502 (Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 ...)
- mysql-5.5 <unfixed>
- mysql-5.1 <removed>
-CVE-2013-1501
- RESERVED
+CVE-2013-1501 (Unspecified vulnerability in the Oracle iStore component in Oracle ...)
+ TODO: check
CVE-2013-1500
RESERVED
-CVE-2013-1499
- RESERVED
-CVE-2013-1498
- RESERVED
-CVE-2013-1497
- RESERVED
-CVE-2013-1496
- RESERVED
-CVE-2013-1495 (asr in Oracle Auto Service Request allows local users to modify ...)
+CVE-2013-1499 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
+ TODO: check
+CVE-2013-1498 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
+ TODO: check
+CVE-2013-1497 (Unspecified vulnerability in the Oracle COREid Access component in ...)
+ TODO: check
+CVE-2013-1496 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
+ TODO: check
+CVE-2013-1495 (asr in Oracle Auto Service Request in Oracle Support Tools before ...)
NOT-FOR-US: Oracle Auto Service Request
-CVE-2013-1494
- RESERVED
+CVE-2013-1494 (Unspecified vulnerability in Oracle Sun Solaris 10, when running on ...)
+ TODO: check
CVE-2013-1493 (The color management (CMM) functionality in the 2D component in Oracle ...)
- openjdk-6 6b27-1.12.4-1
- openjdk-7 7u3-2.1.7-1
@@ -6532,36 +6533,36 @@
NOT-FOR-US: Oracle Outside In
CVE-2013-0417 (Unspecified vulnerability in the Sun Storage Common Array Manager ...)
NOT-FOR-US: Sun Storage Common Array Manager
-CVE-2013-0416
- RESERVED
+CVE-2013-0416 (Unspecified vulnerability in the Siebel Enterprise Application ...)
+ TODO: check
CVE-2013-0415 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
NOT-FOR-US: Solaris
CVE-2013-0414 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Solaris
-CVE-2013-0413
- RESERVED
-CVE-2013-0412
- RESERVED
-CVE-2013-0411
- RESERVED
-CVE-2013-0410
- RESERVED
+CVE-2013-0413 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
+ TODO: check
+CVE-2013-0412 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 ...)
+ TODO: check
+CVE-2013-0411 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows ...)
+ TODO: check
+CVE-2013-0410 (Unspecified vulnerability in the Agile EDM component in Oracle Supply ...)
+ TODO: check
CVE-2013-0409 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
-CVE-2013-0408
- RESERVED
+CVE-2013-0408 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
+ TODO: check
CVE-2013-0407 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
NOT-FOR-US: Solaris
-CVE-2013-0406
- RESERVED
-CVE-2013-0405
- RESERVED
-CVE-2013-0404
- RESERVED
-CVE-2013-0403
- RESERVED
+CVE-2013-0406 (Unspecified vulnerability in Oracle Sun Solaris 10 allows remote ...)
+ TODO: check
+CVE-2013-0405 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 ...)
+ TODO: check
+CVE-2013-0404 (Unspecified vulnerability in Oracle Sun Solaris 10 allows local users ...)
+ TODO: check
+CVE-2013-0403 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 ...)
+ TODO: check
CVE-2013-0402 (Heap-based buffer overflow in Oracle Java 7 Update 17, and possibly ...)
- openjdk-7 <undetermined>
NOTE: No details currently known
@@ -9485,7 +9486,7 @@
- mysql-5.5 <unfixed> (low; bug #695001)
NOTE: https://mariadb.atlassian.net/browse/MDEV-3909
NOTE: http://seclists.org/fulldisclosure/2012/Dec/9
-CVE-2012-5614 (MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and ...)
+CVE-2012-5614 (Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier, and MariaDB ...)
- mysql-5.1 <unfixed> (low; bug #695001)
- mysql-5.5 <unfixed> (low; bug #695001)
NOTE: https://mariadb.atlassian.net/browse/MDEV-3910
@@ -13129,8 +13130,8 @@
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
CVE-2012-4304
RESERVED
-CVE-2012-4303
- RESERVED
+CVE-2012-4303 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
+ TODO: check
CVE-2012-4302
RESERVED
CVE-2012-4301 (Unspecified vulnerability in the JavaFX component in Oracle Java SE ...)
@@ -22446,12 +22447,12 @@
- mysql-5.5 5.5.29+dfsg-1
CVE-2012-0571 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
NOT-FOR-US: Oracle Financial Services Software
-CVE-2012-0570
- RESERVED
+CVE-2012-0570 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 ...)
+ TODO: check
CVE-2012-0569 (Unspecified vulnerability Oracle Sun Solaris 10 allows local users to ...)
NOT-FOR-US: Oracle Sun Solaris
-CVE-2012-0568
- RESERVED
+CVE-2012-0568 (Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows ...)
+ TODO: check
CVE-2012-0567 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...)
NOT-FOR-US: Oracle Financial Services Software
CVE-2012-0566 (Unspecified vulnerability in the Oracle Agile component in Oracle ...)
More information about the Secure-testing-commits
mailing list