[Secure-testing-commits] r23354 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Mon Aug 19 16:13:51 UTC 2013
Author: jmm
Date: 2013-08-19 16:13:51 +0000 (Mon, 19 Aug 2013)
New Revision: 23354
Modified:
data/CVE/list
Log:
struts not-affected
update kernel status
polarssl no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-08-19 08:33:25 UTC (rev 23353)
+++ data/CVE/list 2013-08-19 16:13:51 UTC (rev 23354)
@@ -1164,7 +1164,7 @@
CVE-2013-4761
RESERVED
- puppet 3.2.4-1 (low)
- [squeeze] - puppet <no-dsa> (non-standard config and local access to master)
+ [squeeze] - puppet <no-dsa> (non-standard config and attacker requires local access to master)
CVE-2013-4760
RESERVED
CVE-2013-4759 (Multiple cross-site scripting (XSS) vulnerabilities in the Magnolia ...)
@@ -1504,8 +1504,9 @@
RESERVED
CVE-2013-4623 [polarssl: DoS through Certificate message during handshake]
RESERVED
- - polarssl 1.2.8-1
- [wheezy] - polarssl <unfixed> (bug #719954)
+ - polarssl 1.2.8-1 (low; bug #719954)
+ [squeeze] - polarssl <no-dsa> (Minor issue)
+ [wheezy] - polarssl <no-dsa> (Minor issue)
CVE-2013-4622 (The 3G Mobile Hotspot feature on the HTC Droid Incredible has a ...)
NOT-FOR-US: HTC Droid Incredible
CVE-2013-4621
@@ -2252,10 +2253,8 @@
RESERVED
CVE-2013-4254
RESERVED
- - linux <undetermined>
- - linux-2.6 <removed>
- NOTE: only >= 3.11rc and on arm?
- TODO: check
+ - linux <unfixed>
+ - linux-2.6 <not-affected> (No perf support on arm)
CVE-2013-4253
RESERVED
CVE-2013-4252
@@ -33934,7 +33933,7 @@
[squeeze] - chromium-browser <end-of-life>
CVE-2011-3923
RESERVED
- - libstruts1.2-java <unfixed>
+ - libstruts1.2-java <not-affected> (Only affects 2.x)
- libspring-2.5-java <unfixed>
TODO: check
NOTE: https://cwiki.apache.org/confluence/display/WW/S2-009
More information about the Secure-testing-commits
mailing list