[Secure-testing-commits] r21345 - data/CVE

Salvatore Bonaccorso carnil at alioth.debian.org
Tue Feb 19 21:27:10 UTC 2013


Author: carnil
Date: 2013-02-19 21:27:10 +0000 (Tue, 19 Feb 2013)
New Revision: 21345

Modified:
   data/CVE/list
Log:
Correct some keystone and nova related CVEs

Three CVEs were rejected and two are to be used.

TODO: notify maintainers about the CVEs to reference.


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-02-19 21:20:31 UTC (rev 21344)
+++ data/CVE/list	2013-02-19 21:27:10 UTC (rev 21345)
@@ -196,17 +196,19 @@
 	RESERVED
 CVE-2013-1666
 	RESERVED
-CVE-2013-1665 [Local file leak through entities in XML requests]
+CVE-2013-1665 [Information leak via xml entity parsing]
 	RESERVED
 	- keystone <unfixed>
-	TODO: check
-CVE-2013-1664 [DoS through XML entity expansion]
+	TODO: check and add the bugnumbers
+	TODO: notify maintainers about the CVE rejections
+CVE-2013-1664 [Denial of service via xml entity parsing]
 	RESERVED
 	- keystone <unfixed>
 	- nova <unfixed>
 	- cinder <unfixed>
 	NOTE: cinder is in the NEW queue
-	TODO: check
+	TODO: notify maintainers about the CVE rejections
+	TODO: check and add the bugnumbers
 CVE-2012-6532 ((1) Zend_Dom, (2) Zend_Feed, (3) Zend_Soap, and (4) Zend_XmlRpc in ...)
 	TODO: check
 CVE-2012-6531 ((1) Zend_Dom, (2) Zend_Feed, and (3) Zend_Soap in Zend Framework 1.x ...)
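Review bot: The added line "TODO: notify maintainers about the CVE rejections" under CVE-2013-1665 and CVE-2013-1664 does not match the commit log, which says maintainers are to be notified about the CVEs to reference. These two entries are the ones being kept, so the TODO should say which ids maintainers are expected to reference. The two added TODO lines also appear in opposite order in the two entries; using the same order in both would make the list easier to scan.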
@@ -3657,15 +3659,15 @@
 CVE-2013-0281 [DoS when remote CIB management enabled]
 	RESERVED
 	- pacemaker <unfixed> (bug #700923)
-CVE-2013-0280 [Information leak and Denial of Service using XML entities]
+CVE-2013-0280
 	RESERVED
-	- keystone <unfixed> (bug #700948)
-	- nova <unfixed> (bug #700949)
-	TODO: check
+	NOTE: To be rejected
 CVE-2013-0279
 	RESERVED
+	NOTE: To be rejected
 CVE-2013-0278
 	RESERVED
+	NOTE: To be rejected
 CVE-2013-0277 (Active Record in Ruby on Rails 3.x before 3.1.0 and 2.3.x before ...)
 	{DSA-2620-1}
 	- ruby-activerecord-2.3 2.3.14-5
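Review bot: In the CVE-2013-0280 entry the keystone and nova lines are removed together with their bug references (#700948 and #700949), and nothing in this patch records those numbers anywhere else, while the other hunk leaves "TODO: check and add the bugnumbers" open. Either carry the bug references over in this commit or mention them in that TODO so they are not lost. The "NOTE: To be rejected" lines on CVE-2013-0280, CVE-2013-0279 and CVE-2013-0278 would also be more useful if they named the ids to use instead.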
