[Secure-testing-commits] r24738 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Dec 13 16:39:15 UTC 2013
Author: carnil
Date: 2013-12-13 16:39:15 +0000 (Fri, 13 Dec 2013)
New Revision: 24738
Modified:
data/CVE/list
Log:
Update information about CVE-2013-{7060,7061,7062}
Reference:
https://lists.alioth.debian.org/pipermail/pkg-zope-developers/2013-December/008843.html
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-12-13 15:33:31 UTC (rev 24737)
+++ data/CVE/list 2013-12-13 16:39:15 UTC (rev 24738)
@@ -130,13 +130,14 @@
NOT-FOR-US: Monitorix
CVE-2013-7062 [XSS]
RESERVED
- TODO: check plone/zope
+ - zope2.12 <unfixed>
+ - zope2.13 <not-affected> (Vulnerable code not present)
CVE-2013-7061 [Privilege escalation through exposed underlying API]
RESERVED
- TODO: check plone/zope
+ NOT-FOR-US: Plone
CVE-2013-7060 [Filesystem path information leak]
RESERVED
- TODO: check plone/zope
+ NOT-FOR-US: Plone
CVE-2013-7049 [ZNC IRC Bouncer DoS in FiSH Plugin]
RESERVED
NOTE: vulnerable code not found in Debian
More information about the Secure-testing-commits
mailing list