[Secure-testing-commits] r24909 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Dec 27 14:31:34 UTC 2013
Author: carnil
Date: 2013-12-27 14:31:34 +0000 (Fri, 27 Dec 2013)
New Revision: 24909
Modified:
data/CVE/list
Log:
Add CVE-2013-7220 and CVE-2013-7221, gnome-shell
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-12-27 14:28:06 UTC (rev 24908)
+++ data/CVE/list 2013-12-27 14:31:34 UTC (rev 24909)
@@ -542,6 +542,16 @@
RESERVED
CVE-2014-0366
RESERVED
+CVE-2013-7221 [run command dialog visible above screen locker]
+ - gnome-shell <unfixed>
+ NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=708313
+ NOTE: https://git.gnome.org/browse/gnome-shell/commit/js/ui/main.js?id=efdf1ff755943fba1f8a9aaeff77daa3ed338088
+ TODO: check
+CVE-2013-7220 [blind command execution via activities search keyboard focus]
+ - gnome-shell <unfixed>
+ NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=686740
+ NOTE: https://git.gnome.org/browse/gnome-shell/commit/js/ui/screenShield.js?id=209014b083dbe86ed0e0860a6016735571b56f94
+ TODO: check
CVE-2013-7205 [off-by-one]
- nagios3 <unfixed>
NOTE: additional changed files for nagios3, cf. CVE-2013-7108
More information about the Secure-testing-commits
mailing list