[Secure-testing-commits] r24764 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Dec 16 06:43:54 UTC 2013
Author: jmm
Date: 2013-12-16 06:43:54 +0000 (Mon, 16 Dec 2013)
New Revision: 24764
Modified:
data/CVE/list
Log:
transifex N/A in stable
zope no-dsa and removed from sid
added shm kernel issue to kernel-sec
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-12-16 06:31:27 UTC (rev 24763)
+++ data/CVE/list 2013-12-16 06:43:54 UTC (rev 24764)
@@ -2,10 +2,10 @@
NOT-FOR-US: Bio Basespace SDK Ruby Gem
CVE-2013-7110
- transifex-client <unfixed> (low)
+ [wheezy] - transifex-client <not-affected> (Incomplete patch was never released)
NOTE: fix for CVE-2013-2073 was incorrect/incomplete
NOTE: https://github.com/transifex/transifex-client/issues/42
NOTE: https://github.com/transifex/transifex-client/commit/6d69d61
- TODO: check
CVE-2013-7083
RESERVED
CVE-2013-7068
@@ -76,7 +76,6 @@
CVE-2013-7026 (Multiple race conditions in ipc/shm.c in the Linux kernel before ...)
- linux <unfixed>
- linux-2.6 <removed>
- TODO: check
CVE-2013-7089 [dbg_printhex possible information leak]
- clamav 0.97.7+dfsg-1
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=6804
@@ -135,7 +134,8 @@
NOT-FOR-US: Monitorix
CVE-2013-7062 [XSS]
RESERVED
- - zope2.12 <unfixed>
+ - zope2.12 <removed> (low)
+ [wheezy] - zope2.12 <no-dsa> (Minor issue)
- zope2.13 <not-affected> (Vulnerable code not present)
CVE-2013-7061 [Privilege escalation through exposed underlying API]
RESERVED
@@ -17079,11 +17079,9 @@
CVE-2013-0848 (The decode_init function in libavcodec/huffyuv.c in FFmpeg before 1.1 ...)
- ffmpeg <removed>
- libav <undetermined>
- NOTE: No related changes in libav git so far
- NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=6abb9a901fca27da14d4fffbb01948288b5da3ba
+ NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=6abb9a901fca27da14d4fffbb01948288b5da3ba
NOTE: Needed in ffmpeg 0.5
- NOTE: Unclear if this really affects libav due to different code
- TODO: Find a testcase in form of a sample
+ NOTE: Unclear if this really affects libav due to different code, need to find a test case in form of a sample
CVE-2013-0847 (The ff_id3v2_parse function in libavformat/id3v2.c in FFmpeg before ...)
- ffmpeg <not-affected> (Affected code not present in ffmpeg 0.5)
- libav <not-affected> (Code in libav is different, read_ttag)
More information about the Secure-testing-commits
mailing list