[Secure-testing-commits] r22099 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Tue Apr 30 10:05:14 UTC 2013 

Author: jmm
Date: 2013-04-30 10:05:14 +0000 (Tue, 30 Apr 2013)
New Revision: 22099

Modified:
   data/CVE/list
Log:
new automysqlbackup issue (no CVE yet)
two glassfish issues don't affect 2.x
update affected status for several mysql issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-04-30 09:14:25 UTC (rev 22098)
+++ data/CVE/list	2013-04-30 10:05:14 UTC (rev 22099)
@@ -1,3 +1,5 @@
+CVE-2013-XXXX [automysqlbackup code injection]
+	- automysqlbackup 2.6+debian.3-1 (bug #706099)
 CVE-2013-3300
 	RESERVED
 CVE-2013-3299
@@ -2034,8 +2036,8 @@
 CVE-2013-2396 (Unspecified vulnerability in the Oracle Applications Manager component ...)
 	NOT-FOR-US: Oracle E-Business Suite
 CVE-2013-2395 (Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows ...)
-	- mysql-5.5 <unfixed>		
-	- mysql-5.1 <removed>
+	- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
+	- mysql-5.1 <not-affected> (Only affects MySQL 5.6)
 CVE-2013-2394 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	TODO: check
 CVE-2013-2393 (Unspecified vulnerability in the Oracle Outside In Technology ...)
@@ -2068,8 +2070,8 @@
 CVE-2013-2382 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
 	NOT-FOR-US: Oracle Financial Services Software
 CVE-2013-2381 (Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows ...)
-	- mysql-5.5 <unfixed>		
-	- mysql-5.1 <removed>
+	- mysql-5.1 <not-affected> (Only affects MySQL 5.6)
+	- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
 CVE-2013-2380 (Unspecified vulnerability in the Oracle JRockit component in Oracle ...)
 	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2013-2379 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
@@ -2081,7 +2083,7 @@
 	NOT-FOR-US: Oracle Financial Services Software
 CVE-2013-2376 (Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and ...)
 	- mysql-5.5 <unfixed>		
-	- mysql-5.1 <removed>
+	- mysql-5.1 <not-affected> (Only affects MySQL 5.5 and 5.6)
 CVE-2013-2375 (Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 ...)
 	- mysql-5.5 <unfixed>		
 	- mysql-5.1 <removed>
@@ -4073,19 +4075,19 @@
 CVE-2013-1571
 	RESERVED
 CVE-2013-1570 (Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows ...)
-	- mysql-5.5 <unfixed>		
-	- mysql-5.1 <removed>
+	- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
+	- mysql-5.1 <not-affected> (Only affects MySQL 5.6)
 CVE-2013-1569 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	- openjdk-7 7u21-2.3.9-1
 	- openjdk-6 6b27-1.12.5-1
 CVE-2013-1568 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
 	NOT-FOR-US: Oracle Financial Services Software
 CVE-2013-1567 (Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows ...)
-	- mysql-5.5 <unfixed>		
-	- mysql-5.1 <removed>
+	- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
+	- mysql-5.1 <not-affected> (Only affects MySQL 5.6)
 CVE-2013-1566 (Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows ...)
-	- mysql-5.5 <unfixed>		
-	- mysql-5.1 <removed>
+	- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
+	- mysql-5.1 <not-affected> (Only affects MySQL 5.6)
 CVE-2013-1565 (Unspecified vulnerability in the Oracle GoldenGate Veridata component ...)
 	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2013-1564 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
@@ -4129,7 +4131,7 @@
 CVE-2013-1549 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
 	NOT-FOR-US: Oracle Financial Services Software
 CVE-2013-1548 (Unspecified vulnerability in Oracle MySQL 5.1.63 and earlier allows ...)
-	- mysql-5.5 <unfixed>		
+	- mysql-5.5 <not-affected> (Only affects MySQL 5.1)
 	- mysql-5.1 <removed>
 CVE-2013-1547 (Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking ...)
 	NOT-FOR-US: Oracle Financial Services Software
@@ -4181,14 +4183,14 @@
 	NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2013-1526 (Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows ...)
 	- mysql-5.5 <unfixed>		
-	- mysql-5.1 <removed>
+	- mysql-5.1 <not-affected> (Only affects MySQL 5.5)
 CVE-2013-1525 (Unspecified vulnerability in the Oracle Retail Integration Bus ...)
 	NOT-FOR-US: Oracle Industry Applications
 CVE-2013-1524 (Unspecified vulnerability in the Oracle Application Object Library ...)
 	NOT-FOR-US: Oracle E-Business Suite
 CVE-2013-1523 (Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier and ...)
 	- mysql-5.5 <unfixed>		
-	- mysql-5.1 <removed>
+	- mysql-5.1 <not-affected> (Only affects MySQL 5.5 and 5.6)
 CVE-2013-1522 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
 	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2013-1521 (Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and ...)
@@ -4206,23 +4208,23 @@
 CVE-2013-1516 (Unspecified vulnerability in the Oracle WebCenter Capture component in ...)
 	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2013-1515 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
-	NOT-FOR-US: Oracle Sun Middleware Products
+	- glassfish <not-affected> (Only affects 3.x)
 CVE-2013-1514 (Unspecified vulnerability in the Oracle Containers for J2EE component ...)
 	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2013-1513 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
 	NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2013-1512 (Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows ...)
 	- mysql-5.5 <unfixed>
-	- mysql-5.1 <removed>
+	- mysql-5.1 <not-affected> (Only affects MySQL 5.5)
 CVE-2013-1511 (Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and ...)
 	- mysql-5.5 <unfixed>		
-	- mysql-5.1 <removed>
+	- mysql-5.1 <not-affected> (Only affects MySQL 5.5 and 5.6)
 CVE-2013-1510 (Unspecified vulnerability in the Siebel UI Framework component in ...)
 	NOT-FOR-US: Oracle Siebel
 CVE-2013-1509 (Unspecified vulnerability in the Oracle WebCenter Sites component in ...)
 	NOT-FOR-US: Oracle Fusion
 CVE-2013-1508 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
-	- glassfish <unfixed>
+	- glassfish <not-affected> (Only affects 3.x)
 CVE-2013-1507 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
 	NOT-FOR-US: Solaris
 CVE-2013-1506 (Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 ...)
@@ -4236,7 +4238,7 @@
 	NOT-FOR-US: Oracle Fusion
 CVE-2013-1502 (Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 ...)
 	- mysql-5.5 <unfixed>		
-	- mysql-5.1 <removed>
+	- mysql-5.1 <not-affected> (Only affects MySQL 5.5 and 5.6)
 CVE-2013-1501 (Unspecified vulnerability in the Oracle iStore component in Oracle ...)
 	NOT-FOR-US: Oracle E-Business Suite
 CVE-2013-1500

More information about the Secure-testing-commits mailing list