[Secure-testing-commits] r23329 - data/CVE

Joey Hess joeyh at alioth.debian.org
Thu Aug 15 21:14:27 UTC 2013 

Author: joeyh
Date: 2013-08-15 21:14:27 +0000 (Thu, 15 Aug 2013)
New Revision: 23329

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-08-15 18:11:58 UTC (rev 23328)
+++ data/CVE/list	2013-08-15 21:14:27 UTC (rev 23329)
@@ -1,3 +1,9 @@
+CVE-2013-5122
+	RESERVED
+CVE-2013-5121 (SQL injection vulnerability in PHPFox before 3.6.0 (build6) allows ...)
+	TODO: check
+CVE-2013-5120 (SQL injection vulnerability in PHPFox before 3.6.0 (build4) allows ...)
+	TODO: check
 CVE-2013-5119
 	RESERVED
 CVE-2013-5118
@@ -7238,15 +7244,13 @@
 	[squeeze] - linux-2.6 2.6.32-24
 	- linux 2.6.35-1~experimental.1
 	NOTE: https://git.kernel.org/linus/baff42ab1494528907bf4d5870359e31711746ae
-CVE-2013-2127 [libraw: buffer overflow]
-	RESERVED
+CVE-2013-2127 (Buffer overflow in the exposure correction code in LibRaw before ...)
 	- libraw <not-affected> (Only affects 0.15, 0.15 was only in experimental)
 	- libkdcraw <not-affected> (embeds libraw 0.14)
 	- darktable <not-affected> (embeds libraw 0.14)
 	NOTE: http://www.openwall.com/lists/oss-security/2013/05/28/3
 	NOTE: https://github.com/LibRaw/LibRaw/commit/2f912f5b33582961b1cdbd9fd828589f8b78f21d
-CVE-2013-2126 [libraw: double-free]
-	RESERVED
+CVE-2013-2126 (Multiple double free vulnerabilities in the LibRaw::unpack function in ...)
 	- libraw 0.15.3-1 (low; bug #710353)
 	[wheezy] - libraw <no-dsa> (Not suitable for code injection, minor issue)
 	[squeeze] - libraw <not-affected> (Vulnerable code not present)
@@ -7437,8 +7441,7 @@
 CVE-2013-2079 (mod/assign/locallib.php in the assignment module in Moodle 2.3.x ...)
 	- moodle <not-affected> (Only affects 2.3 and later)
 	NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-38443
-CVE-2013-2078 [xen: Hypervisor crash due to missing exception recovery on XSETBV]
-	RESERVED
+CVE-2013-2078 (Xen 4.0.2 through 4.0.4, 4.1.x, and 4.2.x allows local PV guest users ...)
 	- xen 4.2.2-1
 	NOTE: http://lists.xen.org/archives/html/xen-announce/2013-06/msg00000.html
 CVE-2013-2077 [xen: Hypervisor crash due to missing exception recovery on XRSTOR]

More information about the Secure-testing-commits mailing list