[Secure-testing-commits] r22107 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Tue Apr 30 21:14:25 UTC 2013
Author: joeyh
Date: 2013-04-30 21:14:24 +0000 (Tue, 30 Apr 2013)
New Revision: 22107
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-04-30 14:50:51 UTC (rev 22106)
+++ data/CVE/list 2013-04-30 21:14:24 UTC (rev 22107)
@@ -1,3 +1,17 @@
+CVE-2013-3309
+ RESERVED
+CVE-2013-3308
+ RESERVED
+CVE-2013-3307
+ RESERVED
+CVE-2013-3306
+ RESERVED
+CVE-2013-3305
+ RESERVED
+CVE-2013-3304
+ RESERVED
+CVE-2013-3303
+ RESERVED
CVE-2013-XXXX [automysqlbackup code injection]
- automysqlbackup 2.6+debian.3-1 (bug #706099)
CVE-2013-XXXX [autopostgresqlbackup code injection]
@@ -771,6 +785,7 @@
RESERVED
CVE-2013-2944
RESERVED
+ {DSA-2665-1}
- strongswan 4.6.4-7
CVE-2013-2943
RESERVED
@@ -3042,8 +3057,7 @@
NOT-FOR-US: RESTful Web Services (RESTWS) Drupal cotributed module
CVE-2013-1945
RESERVED
-CVE-2013-1944 [libcurl cookie domain tailmatch]
- RESERVED
+CVE-2013-1944 (The tailMatch function in cookie.c in cURL and libcurl before 7.30.0 ...)
{DSA-2660-1}
- curl 7.29.0-2.1 (bug #705274)
[wheezy] - curl 7.26.0-1+wheezy2
@@ -3106,11 +3120,9 @@
CVE-2013-1928 (The do_video_set_spu_palette function in fs/compat_ioctl.c in the ...)
- linux <unfixed>
- linux-2.6 <removed>
-CVE-2013-1927
- RESERVED
+CVE-2013-1927 (The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows ...)
- icedtea-web 1.3.2-1
-CVE-2013-1926
- RESERVED
+CVE-2013-1926 (The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 uses the ...)
- icedtea-web 1.3.2-1
CVE-2013-1925
RESERVED
@@ -3153,8 +3165,7 @@
- libapache-mod-security <removed>
NOTE: https://github.com/SpiderLabs/ModSecurity/commit/d4d80b38aa85eccb26e3c61b04d16e8ca5de76fe
NOTE: http://marc.info/?l=oss-security&m=136499182131283&w=2
-CVE-2013-1914 [getaddrinfo() stack overflow]
- RESERVED
+CVE-2013-1914 (Stack-based buffer overflow in the getaddrinfo function in ...)
- eglibc <unfixed> (bug #704623)
CVE-2013-1913
RESERVED
@@ -5024,8 +5035,8 @@
NOT-FOR-US: Cisco Unified Computing System
CVE-2013-1197 (The XML parser in the server in Cisco Unified Presence (CUP) allows ...)
NOT-FOR-US: Cisco Unified Presence
-CVE-2013-1196
- RESERVED
+CVE-2013-1196 (The command-line interface in Cisco Secure Access Control System ...)
+ TODO: check
CVE-2013-1195 (The time-based ACL implementation on Cisco Adaptive Security ...)
NOT-FOR-US: isco Adaptive Security Appliances
CVE-2013-1194 (The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) ...)
@@ -9203,12 +9214,12 @@
NOT-FOR-US: IBM TRIRIGA Application Platform
CVE-2012-5948 (Multiple cross-site scripting (XSS) vulnerabilities in IBM TRIRIGA ...)
NOT-FOR-US: IBM TRIRIGA Application Platform
-CVE-2012-5947
- RESERVED
-CVE-2012-5946
- RESERVED
-CVE-2012-5945
- RESERVED
+CVE-2012-5947 (Buffer overflow in the vsflex7l ActiveX control in IBM SPSS ...)
+ TODO: check
+CVE-2012-5946 (Buffer overflow in the c1sizer ActiveX control in C1sizer.ocx in IBM ...)
+ TODO: check
+CVE-2012-5945 (Multiple buffer overflows in the Vsflex8l ActiveX control in IBM SPSS ...)
+ TODO: check
CVE-2012-5944
RESERVED
CVE-2012-5943 (Cross-site scripting (XSS) vulnerability in IBM iNotes 8.5.x before ...)
@@ -11086,8 +11097,8 @@
NOT-FOR-US: vBSEO
CVE-2012-5222
RESERVED
-CVE-2012-5221
- RESERVED
+CVE-2012-5221 (Unspecified vulnerability on the HP LaserJet 4xxx, 5200, 90xx, M30xx, ...)
+ TODO: check
CVE-2012-5220 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, ...)
NOT-FOR-US: HP Storage Data Protector
CVE-2012-5219 (Cross-site scripting (XSS) vulnerability in HP Managed Printing ...)
More information about the Secure-testing-commits
mailing list