[Secure-testing-commits] r23177 - data/CVE

Joey Hess joeyh at alioth.debian.org
Fri Aug 2 21:14:23 UTC 2013 

Author: joeyh
Date: 2013-08-02 21:14:22 +0000 (Fri, 02 Aug 2013)
New Revision: 23177

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-08-02 20:30:22 UTC (rev 23176)
+++ data/CVE/list	2013-08-02 21:14:22 UTC (rev 23177)
@@ -695,6 +695,7 @@
 	NOT-FOR-US: OTRS ITSM	
 CVE-2013-4717 [SQL injection]
 	RESERVED
+	{DSA-2733-1}
 	- otrs2 3.2.9-1
 	NOTE: http://www.otrs.com/en/open-source/community-news/security-advisories/security-advisory-2013-05/
 CVE-2012-6581 (Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before ...)
@@ -913,8 +914,8 @@
 	NOT-FOR-US: Huawei viewpoint
 CVE-2013-4628 (The firewall module on the Huawei Quidway Service Process Unit (SPU) ...)
 	NOT-FOR-US: Huawei Quidway Service Process Unit
-CVE-2013-4627
-	RESERVED
+CVE-2013-4627 (Unspecified vulnerability in bitcoind and Bitcoin-Qt 0.8.x allows ...)
+	TODO: check
 CVE-2012-6571 (The HTTP module in the (1) Branch Intelligent Management System (BIMS) ...)
 	NOT-FOR-US: Branch Intelligent Management System, Huawei routers
 CVE-2012-6570 (The HTTP module in the (1) Branch Intelligent Management System (BIMS) ...)
@@ -1871,8 +1872,7 @@
 	RESERVED
 	- evolution <unfixed> (unimportant)
 	NOTE: Regular UI bug, not a security issue. 
-CVE-2013-4165 [timing leak]
-	RESERVED
+CVE-2013-4165 (The HTTPAuthorized function in bitcoinrpc.cpp in bitcoind 0.8.1 ...)
 	- bitcoin <unfixed> (bug #717828)
 	NOTE: https://github.com/bitcoin/bitcoin/issues/2838
 CVE-2013-4164
@@ -3583,8 +3583,8 @@
 	RESERVED
 CVE-2013-3449
 	RESERVED
-CVE-2013-3448
-	RESERVED
+CVE-2013-3448 (Cisco WebEx Meetings Server does not check whether a user account is ...)
+	TODO: check
 CVE-2013-3447
 	RESERVED
 CVE-2013-3446
@@ -4124,10 +4124,10 @@
 	- rails 2.3.14.1 (unimportant)
 	NOTE: Starting with 2.3.14.1 rails is a transition package
 	NOTE: This is a general design problem and only mitigated by documented best practices
-CVE-2013-3220
-	RESERVED
-CVE-2013-3219
-	RESERVED
+CVE-2013-3220 (bitcoind and Bitcoin-Qt before 0.4.9rc2, 0.5.x before 0.5.8rc2, 0.6.x ...)
+	TODO: check
+CVE-2013-3219 (bitcoind and Bitcoin-Qt 0.8.x before 0.8.1 do not enforce a certain ...)
+	TODO: check
 CVE-2013-3218
 	RESERVED
 CVE-2013-3217
@@ -9769,8 +9769,8 @@
 	NOT-FOR-US: Cisco Device Manager
 CVE-2013-1191
 	RESERVED
-CVE-2013-1190
-	RESERVED
+CVE-2013-1190 (The C-Series Rack Server component 1.4 in Cisco Unified Computing ...)
+	TODO: check
 CVE-2013-1189 (Cisco Universal Broadband (aka uBR) 10000 series routers, when an ...)
 	NOT-FOR-US: Cisco Universal Broadband 10000 series routers
 CVE-2013-1188 (Cisco Unified Communications Manager (CUCM) does not properly limit ...)

More information about the Secure-testing-commits mailing list