[Secure-testing-commits] r21234 - data/CVE

Helmut Grohne helmut-guest at alioth.debian.org
Mon Feb 11 13:46:53 UTC 2013 

Author: helmut-guest
Date: 2013-02-11 13:46:52 +0000 (Mon, 11 Feb 2013)
New Revision: 21234

Modified:
   data/CVE/list
Log:
NFUs, miniupnpd, pixman (#700308)

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-02-11 07:28:33 UTC (rev 21233)
+++ data/CVE/list	2013-02-11 13:46:52 UTC (rev 21234)
@@ -104,7 +104,7 @@
 CVE-2013-1592
 	RESERVED
 CVE-2013-1591 (Stack-based buffer overflow in libpixman, as used in Pale Moon before ...)
-	TODO: check
+	- pixman <undetermined> (bug #700308)
 CVE-2013-1590 (Buffer overflow in the NTLMSSP dissector in Wireshark 1.6.x before ...)
 	- wireshark <unfixed>
 CVE-2013-1589 (Double free vulnerability in epan/proto.c in the dissection engine in ...)
@@ -370,19 +370,19 @@
 CVE-2012-6528 (Multiple cross-site scripting (XSS) vulnerabilities in ATutor before ...)
 	NOT-FOR-US: ATutor
 CVE-2012-6527 (Cross-site scripting (XSS) vulnerability in the My Calendar plugin ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin My Calendar
 CVE-2012-6526 (SQL injection vulnerability in show_code.php in Vastal I-Tech ...)
 	NOT-FOR-US: Vastal I-Tech Freelance Zone
 CVE-2012-6525 (SQL injection vulnerability in members.php in PHPBridges allows remote ...)
 	NOT-FOR-US: PHPBridges
 CVE-2012-6524 (SQL injection vulnerability in kommentar.php in pGB 2.12 allows remote ...)
-	TODO: check
+	NOT-FOR-US: pGB
 CVE-2012-6523 (Multiple cross-site scripting (XSS) vulnerabilities in w-CMS 2.01 ...)
 	NOT-FOR-US: w-CMS 2.01
 CVE-2012-6522 (Directory traversal vulnerability in the getContent function in ...)
 	NOT-FOR-US: w-CMS 2.01
 CVE-2011-5255 (Multiple cross-site scripting (XSS) vulnerabilities in admin/login in ...)
-	TODO: check
+	NOT-FOR-US: X3 CMS
 CVE-2010-5287 (SQL injection vulnerability in default.php in Cornerstone Technologies ...)
 	NOT-FOR-US: Cornerstone Technologies webConductor
 CVE-2013-1581 (The dissect_pft_fec_detailed function in ...)
@@ -432,9 +432,9 @@
 CVE-2013-1463 (Cross-site scripting (XSS) vulnerability in ...)
 	TODO: check
 CVE-2013-1462 (Integer signedness error in the ExecuteSoapAction function in the ...)
-	NOT-FOR-US: MiniUPnP MiniUPnPd
+	- miniupnpd <undetermined>
 CVE-2013-1461 (The ExecuteSoapAction function in the SOAPAction handler in the HTTP ...)
-	NOT-FOR-US: MiniUPnP MiniUPnPd
+	- miniupnpd <undetermined>
 CVE-2013-1460
 	RESERVED
 CVE-2013-1459
@@ -3535,9 +3535,9 @@
 	- linux <unfixed>
 	- linux-2.6 <removed>
 CVE-2013-0230 (Stack-based buffer overflow in the ExecuteSoapAction function in the ...)
-	TODO: check
+	- miniupnpd <undetermined>
 CVE-2013-0229 (The ProcessSSDPRequest function in minissdp.c in the SSDP handler in ...)
-	NOT-FOR-US: MiniUPnP MiniUPnPd
+	- miniupnpd <undetermined>
 CVE-2013-0228
 	RESERVED
 CVE-2013-0227

More information about the Secure-testing-commits mailing list