[Secure-testing-commits] r23211 - data/CVE

[Joey Hess]

Author: joeyh
Date: 2013-08-06 21:14:25 +0000 (Tue, 06 Aug 2013)
New Revision: 23211

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-08-06 20:33:32 UTC (rev 23210)
+++ data/CVE/list	2013-08-06 21:14:25 UTC (rev 23211)
@@ -2055,8 +2055,7 @@
 	- linux <unfixed>
 	[wheezy] - linux <not-affected> (Introduced in 3.7)
 	- linux-2.6 <not-affected> (Introduced in 3.7)
-CVE-2013-4124
-	RESERVED
+CVE-2013-4124 (Integer overflow in the read_nttrans_ea_list function in nttrans.c in ...)
 	- samba 2:3.6.17-1 (low)
 	[wheezy] - samba <no-dsa> (Minor issue)
 	[squeeze] - samba <no-dsa> (Minor issue)
@@ -2407,16 +2406,16 @@
 	RESERVED
 CVE-2013-3997
 	RESERVED
-CVE-2013-3996
-	RESERVED
-CVE-2013-3995
-	RESERVED
+CVE-2013-3996 (IBM InfoSphere BigInsights 1.1 through 2.1 does not properly handle ...)
+	TODO: check
+CVE-2013-3995 (Cross-site scripting (XSS) vulnerability in IBM InfoSphere BigInsights ...)
+	TODO: check
 CVE-2013-3994
 	RESERVED
 CVE-2013-3993
 	RESERVED
-CVE-2013-3992
-	RESERVED
+CVE-2013-3992 (Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere ...)
+	TODO: check
 CVE-2013-3991
 	RESERVED
 CVE-2013-3990
@@ -8697,16 +8696,15 @@
 	NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=702b436ef470cc02f8e2cc21f2fadeee42103c74
 CVE-2013-1634
 	RESERVED
-CVE-2013-1633
-	RESERVED
+CVE-2013-1633 (easy_install in setuptools before 0.7 uses HTTP to retrieve packages ...)
+	TODO: check
 CVE-2013-1632
 	RESERVED
 CVE-2013-1631
 	RESERVED
-CVE-2013-1630
-	RESERVED
-CVE-2013-1629
-	RESERVED
+CVE-2013-1630 (pyshop before 0.7.1 uses HTTP to retrieve packages from the PyPI ...)
+	TODO: check
+CVE-2013-1629 (pip before 1.3 uses HTTP to retrieve packages from the PyPI ...)
 	- python-pip 1.3.1-1 (low; bug #710163)
 	[wheezy] - python-pip <no-dsa> (Minor issue)
 	[squeeze] - python-pip <no-dsa> (Minor issue)