[Secure-testing-commits] r24664 - in data: . CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Tue Dec 10 07:10:53 UTC 2013
Author: jmm
Date: 2013-12-10 07:10:53 +0000 (Tue, 10 Dec 2013)
New Revision: 24664
Modified:
data/CVE/list
data/dsa-needed.txt
Log:
rails N/A
zabbix no-dsa
take openjdk7
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-12-10 07:00:51 UTC (rev 24663)
+++ data/CVE/list 2013-12-10 07:10:53 UTC (rev 24664)
@@ -1212,7 +1212,9 @@
RESERVED
CVE-2013-6824 [Possible shell command injection]
RESERVED
- - zabbix 1:2.2.0+dfsg-6
+ - zabbix 1:2.2.0+dfsg-6 (low)
+ [squeeze] - zabbix <no-dsa> (Minor issue)
+ [wheezy] - zabbix <no-dsa> (Minor issue)
NOTE: https://support.zabbix.com/browse/ZBX-7479
CVE-2013-6823 (GRMGApp in SAP NetWeaver allows remote attackers to bypass intended ...)
NOT-FOR-US: SAP
@@ -2111,10 +2113,9 @@
NOTE: fixed by https://git.kernel.org/linus/cf970c002d270c36202bd5b9c2804d3097a52da0
CVE-2013-6431 [net: fib: fib6_add: potential NULL pointer dereference]
RESERVED
- - linux-2.6 <removed>
- - linux <unfixed>
+ - linux-2.6 <removed> (low)
+ - linux <unfixed> (low)
NOTE: fixed by https://git.kernel.org/linus/ae7b4e1f213aa659aedf9c6ecad0bf5f0476e1e2
- TODO: check
CVE-2013-6430
RESERVED
CVE-2013-6429
@@ -2157,8 +2158,8 @@
CVE-2013-6416 (Cross-site scripting (XSS) vulnerability in the simple_format helper ...)
- rails-4.0 4.0.2+dfsg-1 (bug #731290)
- ruby-actionpack-3.2 <not-affected> (vulnerable code not present)
- - ruby-actionpack-2.3 <not-affected> (vulnerable coee not present)
- - rails 2.3.14.1
+ - ruby-actionpack-2.3 <not-affected> (vulnerable code not present)
+ - rails <not-affected> (vulnerable code not present)
NOTE: Starting with 2.3.14.1 rails is a transition package
CVE-2013-6415 (Cross-site scripting (XSS) vulnerability in the number_to_currency ...)
- rails-4.0 4.0.2+dfsg-1 (bug #731290)
Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt 2013-12-10 07:00:51 UTC (rev 24663)
+++ data/dsa-needed.txt 2013-12-10 07:10:53 UTC (rev 24664)
@@ -55,7 +55,7 @@
--
openjdk6
--
-openjdk7/stable
+openjdk7/stable (jmm)
--
openswan
--
More information about the Secure-testing-commits
mailing list