[Secure-testing-commits] r24518 - data/CVE

[Moritz Muehlenhoff]

Author: jmm
Date: 2013-12-02 09:23:21 +0000 (Mon, 02 Dec 2013)
New Revision: 24518

Modified:
   data/CVE/list
Log:
bugs filed for solr
quassel no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-12-02 09:01:08 UTC (rev 24517)
+++ data/CVE/list	2013-12-02 09:23:21 UTC (rev 24518)
@@ -1085,26 +1085,25 @@
 	NOTE: https://bitbucket.org/jwilk/adequate/commits/94e5fc5d810057bffb673501ed809f7c2dabd9ee
 CVE-2013-6408
 	RESERVED
-	- lucene-solr <unfixed>
+	- lucene-solr <unfixed> (bug #731113)
 	NOTE: https://issues.apache.org/jira/browse/SOLR-4881
-	TODO: check (confirmed that they at least affect also 3.6.2)
 CVE-2013-6407
 	RESERVED
-	- lucene-solr <unfixed>
+	- lucene-solr <unfixed> (bug #731113)
 	NOTE: https://issues.apache.org/jira/browse/SOLR-3895
-	TODO: check (confirmed that they at least affect also 3.6.2)
 CVE-2013-6406 [OpenStack Horizon: Nova strings persistent XSS ]
 	RESERVED
 	- horizon <unfixed> (bug #730752)
 	NOTE: https://github.com/openstack/horizon/commit/6179f70290783e55b10bbd4b3b7ee74db3f8ef70
 CVE-2013-6405 [net: uninitialised memory leakage]
 	RESERVED
-	- linux-2.6 <removed>
-	- linux <unfixed>
-	TODO: check
+	- linux-2.6 <removed> (low)
+	- linux <unfixed> (low)
 CVE-2013-6404 [manipulated clients can access backlog of all users on a shared core]
 	RESERVED
-	- quassel 0.9.2-1
+	- quassel 0.9.2-1 (low)
+	[wheezy] - quassel <no-dsa> (Minor issue)
+	[squeeze] - quassel <no-dsa> (Minor issue)
 	NOTE: https://github.com/quassel/quassel/commit/a1a24da
 CVE-2013-6403 [security bypass on admin page]
 	RESERVED
@@ -1124,9 +1123,8 @@
 	RESERVED
 CVE-2013-6397
 	RESERVED
-	- lucene-solr <undetermined>
+	- lucene-solr <unfixed> (bug #731113)
 	NOTE: https://issues.apache.org/jira/browse/SOLR-4882
-	TODO: check
 CVE-2013-6396 [does not properly verify the server SSL certificates]
 	RESERVED
 	- python-swiftclient <unfixed> (bug #730626)