[Secure-testing-commits] r22022 - data/CVE

Joey Hess joeyh at alioth.debian.org
Mon Apr 22 21:14:30 UTC 2013


Author: joeyh
Date: 2013-04-22 21:14:30 +0000 (Mon, 22 Apr 2013)
New Revision: 22022

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-04-22 21:07:14 UTC (rev 22021)
+++ data/CVE/list	2013-04-22 21:14:30 UTC (rev 22022)
@@ -1,3 +1,57 @@
+CVE-2013-3237 (The vsock_stream_sendmsg function in net/vmw_vsock/af_vsock.c in the ...)
+	TODO: check
+CVE-2013-3236 (The vmci_transport_dgram_dequeue function in ...)
+	TODO: check
+CVE-2013-3235 (net/tipc/socket.c in the Linux kernel before 3.9-rc7 does not ...)
+	TODO: check
+CVE-2013-3234 (The rose_recvmsg function in net/rose/af_rose.c in the Linux kernel ...)
+	TODO: check
+CVE-2013-3233 (The llcp_sock_recvmsg function in net/nfc/llcp/sock.c in the Linux ...)
+	TODO: check
+CVE-2013-3232 (The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel ...)
+	TODO: check
+CVE-2013-3231 (The llc_ui_recvmsg function in net/llc/af_llc.c in the Linux kernel ...)
+	TODO: check
+CVE-2013-3230 (The l2tp_ip6_recvmsg function in net/l2tp/l2tp_ip6.c in the Linux ...)
+	TODO: check
+CVE-2013-3229 (The iucv_sock_recvmsg function in net/iucv/af_iucv.c in the Linux ...)
+	TODO: check
+CVE-2013-3228 (The irda_recvmsg_dgram function in net/irda/af_irda.c in the Linux ...)
+	TODO: check
+CVE-2013-3227 (The caif_seqpkt_recvmsg function in net/caif/caif_socket.c in the ...)
+	TODO: check
+CVE-2013-3226 (The sco_sock_recvmsg function in net/bluetooth/sco.c in the Linux ...)
+	TODO: check
+CVE-2013-3225 (The rfcomm_sock_recvmsg function in net/bluetooth/rfcomm/sock.c in the ...)
+	TODO: check
+CVE-2013-3224 (The bt_sock_recvmsg function in net/bluetooth/af_bluetooth.c in the ...)
+	TODO: check
+CVE-2013-3223 (The ax25_recvmsg function in net/ax25/af_ax25.c in the Linux kernel ...)
+	TODO: check
+CVE-2013-3222 (The vcc_recvmsg function in net/atm/common.c in the Linux kernel ...)
+	TODO: check
+CVE-2013-3221 (The Active Record component in Ruby on Rails 2.3.x, 3.0.x, 3.1.x, and ...)
+	TODO: check
+CVE-2013-3220
+	RESERVED
+CVE-2013-3219
+	RESERVED
+CVE-2013-3218
+	RESERVED
+CVE-2013-3217
+	RESERVED
+CVE-2013-3216
+	RESERVED
+CVE-2013-3215
+	RESERVED
+CVE-2013-3214
+	RESERVED
+CVE-2013-3213
+	RESERVED
+CVE-2013-3212
+	RESERVED
+CVE-2012-6551 (The default configuration of Apache ActiveMQ before 5.8.0 enables a ...)
+	TODO: check
 CVE-2013-XXXX [jPlayer several vulnerabilities]
 	- libjs-jquery-jplayer <unfixed>
 	NOTE: http://www.openwall.com/lists/oss-security/2013/04/21/6
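Review bot: the sixteen consecutive entries CVE-2013-3222 through CVE-2013-3237 at the top of the added block carry only "TODO: check", and nearly all of them name a socket message handler under net/ in the Linux kernel, so they should be triaged as one batch against the kernel source packages rather than in sixteen separate passes. When the TODO lines are replaced, each entry needs a package line in the same form as the "- libjs-jquery-jplayer <unfixed>" context line below, plus a NOTE pointing at the upstream fix. CVE-2013-3221 (Ruby on Rails Active Record) and CVE-2012-6551 (Apache ActiveMQ before 5.8.0) are unrelated to that batch and need their own package lines.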
@@ -274,8 +328,8 @@
 	RESERVED
 CVE-2013-3077
 	RESERVED
-CVE-2013-3076
-	RESERVED
+CVE-2013-3076 (The crypto API in the Linux kernel through 3.9-rc8 does not initialize ...)
+	TODO: check
 CVE-2013-3075 (Multiple buffer overflows in ActUWzd.dll 1.0.0.1 in Mitsubishi MX ...)
 	NOT-FOR-US: Mitsubishi MX Component 3
 CVE-2013-3074
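Review bot: the new CVE-2013-3076 description says "through 3.9-rc8", so unlike the "before 3.9-rc7" wording used elsewhere in this update it names no fixed upstream version. Whoever resolves the "TODO: check" should record the upstream fix in a NOTE line so the fixed version can be filled in later instead of being inferred from the description.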
@@ -306,8 +360,8 @@
 	RESERVED
 CVE-2013-3061
 	RESERVED
-CVE-2013-3060
-	RESERVED
+CVE-2013-3060 (The web console in Apache ActiveMQ before 5.8.0 does not require ...)
+	TODO: check
 CVE-2013-3059
 	RESERVED
 CVE-2013-3058
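Review bot: CVE-2013-3060 here and CVE-2012-6551 in the first hunk both describe Apache ActiveMQ before 5.8.0 (web console and default configuration), and both are left at "TODO: check". Resolve them together so the two entries end up with the same package line and version status.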
@@ -866,8 +920,8 @@
 	RESERVED
 CVE-2013-2781
 	RESERVED
-CVE-2013-2780
-	RESERVED
+CVE-2013-2780 (Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to ...)
+	TODO: check
 CVE-2013-2779 (Cisco IOS XE 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on ...)
 	NOT-FOR-US: Cisco IOS XE
 CVE-2013-2778 (Cross-site request forgery (CSRF) vulnerability in ...)
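Review bot: the added CVE-2013-2780 entry describes Siemens SIMATIC S7-1200 PLC firmware, and its visible description is identical to the one added for CVE-2013-0700 later in this patch. The entry directly below uses "NOT-FOR-US: Cisco IOS XE" for a vendor product; if nothing in the archive ships this firmware, both Siemens entries should get the matching NOT-FOR-US line instead of staying at "TODO: check".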
@@ -4188,6 +4242,7 @@
 	- lintian 2.5.10.5 (bug #705553; unimportant)
 CVE-2013-1428
 	RESERVED
+	{DSA-2663-1}
 CVE-2013-1427 (The configuration file for the FastCGI PHP support for lighthttpd ...)
 	{DSA-2649-1}
 	- lighttpd 1.4.31-4
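Review bot: the added "{DSA-2663-1}" line attaches an advisory to CVE-2013-1428 while the entry is still "RESERVED" and has no package line. The CVE-2013-1427 entry right below shows the complete shape, a DSA reference followed by "- lighttpd 1.4.31-4"; CVE-2013-1428 needs the equivalent package and fixed-version line, otherwise the entry cross-references an advisory but records no affected package or fixed version.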
@@ -5986,8 +6041,8 @@
 	NOT-FOR-US: e107
 CVE-2012-6433 (Cross-site request forgery (CSRF) vulnerability in ...)
 	NOT-FOR-US: e107
-CVE-2013-0700
-	RESERVED
+CVE-2013-0700 (Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to ...)
+	TODO: check
 CVE-2013-0699
 	RESERVED
 CVE-2013-0698
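Review bot: the description added for CVE-2013-0700 is, as far as the truncated text shows, the same as the one added for CVE-2013-2780 earlier in this patch (Siemens SIMATIC S7-1200 PLCs 2.x and 3.x). Check the full descriptions to confirm these are distinct issues, and give both the same disposition; the neighbouring "NOT-FOR-US: e107" lines show the form to use if the product is not packaged.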
@@ -7644,8 +7699,8 @@
 	RESERVED
 CVE-2013-0139 (The Arecont Vision AV1355DN MegaDome camera allows remote attackers to ...)
 	NOT-FOR-US: Arecont Vision
-CVE-2013-0138
-	RESERVED
+CVE-2013-0138 (BitZipper 2013 before Update 1 allows remote attackers to execute ...)
+	TODO: check
 CVE-2013-0137
 	RESERVED
 CVE-2013-0136
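Review bot: CVE-2013-0138 names BitZipper 2013 and is left at "TODO: check". If the product is not in the archive, it should be marked the way the entry just above it is ("NOT-FOR-US: Arecont Vision"), so it stops showing up as open triage work.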
@@ -7679,8 +7734,8 @@
 	NOT-FOR-US: ASKIA
 CVE-2013-0123 (Multiple SQL injection vulnerabilities in the administration interface ...)
 	NOT-FOR-US: ASKIA
-CVE-2013-0122
-	RESERVED
+CVE-2013-0122 (The avast! Mobile Security application before 2.0.4400 for Android ...)
+	TODO: check
 CVE-2013-0121
 	RESERVED
 CVE-2013-0120 (The web interface on Dell PowerConnect 6248P switches allows remote ...)
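Review bot: CVE-2013-0122 describes the avast! Mobile Security application for Android and is left at "TODO: check". The surrounding entries for third-party products are closed with "NOT-FOR-US: ASKIA"; the same kind of line applies here if no package ships this application.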
@@ -8263,8 +8318,8 @@
 	NOTE: http://lists.qt-project.org/pipermail/announce/2013-January/000020.html
 	NOTE: https://codereview.qt-project.org/#change,42461
 	NOTE: Fixed in 4:4.8.2+dfsg-10
-CVE-2012-6092
-	RESERVED
+CVE-2012-6092 (Multiple cross-site scripting (XSS) vulnerabilities in the web demos ...)
+	TODO: check
 CVE-2012-6091
 	RESERVED
 CVE-2012-6090 (Multiple stack-based buffer overflows in the expand function in ...)



