[Secure-testing-commits] r21177 - data/CVE

Thu Feb 7 09:04:12 UTC 2013

Author: jmm
Date: 2013-02-07 09:04:11 +0000 (Thu, 07 Feb 2013)
New Revision: 21177

Modified:
   data/CVE/list
Log:
another openjdk not-affected
Red Hat NFU
new curl issue (not in stable)


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2013-02-07 08:44:49 UTC (rev 21176)
+++ data/CVE/list	2013-02-07 09:04:11 UTC (rev 21177)
@@ -307,7 +307,8 @@
 	- openjdk-6 6b27-1.12-1
 	- openjdk-7 <unfixed>
 CVE-2013-1479 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
-	TODO: check
+	- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
+	- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
 CVE-2013-1478 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	- openjdk-6 6b27-1.12-1
 	- openjdk-7 <unfixed>
@@ -3358,12 +3359,14 @@
 	NOTE: http://seclists.org/oss-sec/2013/q1/248
 CVE-2013-0264
 	RESERVED
+	NOT-FOR-US: Cumin
 CVE-2013-0263
 	RESERVED
 CVE-2013-0262
 	RESERVED
 CVE-2013-0261
 	RESERVED
+	NOT-FOR-US: Openstack Packstack
 CVE-2013-0260
 	RESERVED
 CVE-2013-0259
@@ -3396,6 +3399,8 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2013/02/01/1
 CVE-2013-0249
 	RESERVED
+	- curl <unfixed> (bug #700002)
+	[squeeze] - curl <not-affected> (Only affects 7.26.0 to 7.28.1)
 CVE-2013-0248
 	RESERVED
 CVE-2013-0247 [Keystone denial of service through invalid token requests]


