[Secure-testing-commits] r23335 - in data: . CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Fri Aug 16 08:31:50 UTC 2013 

Author: jmm
Date: 2013-08-16 08:31:49 +0000 (Fri, 16 Aug 2013)
New Revision: 23335

Modified:
   data/CVE/list
   data/dsa-needed.txt
Log:
new puppet issues
several issues onl affect Puppet enterprise


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-08-16 06:15:04 UTC (rev 23334)
+++ data/CVE/list	2013-08-16 08:31:49 UTC (rev 23335)
@@ -306,32 +306,40 @@
 	RESERVED
 CVE-2013-4968
 	RESERVED
+	- puppet <not-affected> (Only affects Puppet Enterprise)
 CVE-2013-4967
 	RESERVED
+	- puppet <not-affected> (Only affects Puppet Enterprise)
 CVE-2013-4966
 	RESERVED
 CVE-2013-4965
 	RESERVED
 CVE-2013-4964
 	RESERVED
+	- puppet <not-affected> (Only affects Puppet Enterprise)
 CVE-2013-4963
 	RESERVED
 CVE-2013-4962
 	RESERVED
 CVE-2013-4961
 	RESERVED
+	- puppet <not-affected> (Only affects Puppet Enterprise)
 CVE-2013-4960
 	RESERVED
 CVE-2013-4959
 	RESERVED
+	- puppet <not-affected> (Only affects Puppet Enterprise)
 CVE-2013-4958
 	RESERVED
+	- puppet <not-affected> (Only affects Puppet Enterprise)
 CVE-2013-4957
 	RESERVED
 CVE-2013-4956
 	RESERVED
+	- puppet <unfixed>
 CVE-2013-4955
 	RESERVED
+	- puppet <not-affected> (Only affects Puppet Enterprise)
 CVE-2013-4954 (Multiple cross-site scripting (XSS) vulnerabilities in wp-login.php in ...)
 	NOT-FOR-US: Genetech Solutions Pie-Register
 CVE-2013-4953 (SQL injection vulnerability in play.php in Top Games Script 1.2 allows ...)
@@ -796,8 +804,10 @@
 	RESERVED
 CVE-2013-4762
 	RESERVED
+	- puppet <not-affected> (Only affects Puppet Enterprise)
 CVE-2013-4761
 	RESERVED
+	- puppet <unfixed>
 CVE-2013-4760
 	RESERVED
 CVE-2013-4759 (Multiple cross-site scripting (XSS) vulnerabilities in the Magnolia ...)
@@ -2514,6 +2524,7 @@
 	RESERVED
 	- ruby1.8 1.8.7.358-7.1 (bug #714541)
 	- ruby1.9.1 1.9.3.194-8.2 (bug #714543)
+	- puppet <not-affected> (Only affects Puppet Enterprise)
 	NOTE: http://www.ruby-lang.org/en/news/2013/06/27/hostname-check-bypassing-vulnerability-in-openssl-client-cve-2013-4073/
 	NOTE: https://github.com/ruby/ruby/commit/2669b84d407ab431e965145c827db66c91158f89 (1.9.3)
 	NOTE: https://github.com/ruby/ruby/commit/961bf7496ded3acfe847cf56fa90bbdcfd6e614f (1.8.7)

Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt	2013-08-16 06:15:04 UTC (rev 23334)
+++ data/dsa-needed.txt	2013-08-16 08:31:49 UTC (rev 23335)
@@ -62,6 +62,8 @@
 pidgin/oldstable
   The version in squeeze is likely too outdated anyway, so end-of-life might be the better option
 --
+puppet
+--
 python-django
 --
 quagga

More information about the Secure-testing-commits mailing list