[Secure-testing-commits] r21380 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Fri Feb 22 14:28:39 UTC 2013 

Author: jmm
Date: 2013-02-22 14:28:39 +0000 (Fri, 22 Feb 2013)
New Revision: 21380

Modified:
   data/CVE/list
Log:
filed bugs for hplip and django
isync no-dsa
Red Hat NFU


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-02-22 11:44:38 UTC (rev 21379)
+++ data/CVE/list	2013-02-22 14:28:39 UTC (rev 21380)
@@ -4691,13 +4691,11 @@
 	NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-003/
 CVE-2013-0306 [Formset denial-of-service]
 	RESERVED
-	- python-django <unfixed>
-	TODO: check
+	- python-django <unfixed> (bug #701186)
 CVE-2013-0305 [Data leakage via admin history log]
 	RESERVED
-	- python-django <unfixed>
+	- python-django <unfixed> (bug #701186)
 	NOTE: https://www.djangoproject.com/weblog/2013/feb/19/security/
-	TODO: check
 CVE-2013-0304
 	RESERVED
 CVE-2013-0303 [Multiple code executions]
@@ -4714,7 +4712,6 @@
 	RESERVED
 	- owncloud <not-affected> (Vulnerably code not present, only affects 4.5 branch)
 	NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-004/
-	TODO: check
 CVE-2013-0299 [Multiple CSRF vulnerabilities]
 	RESERVED
 	- owncloud <unfixed> (bug #701115)
@@ -4723,7 +4720,6 @@
 	RESERVED
 	- owncloud <not-affected> (Vulnerably code not present, only affects 4.5 branch)
 	NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-003/
-	NOTE: only affecting owncloud 4.5
 CVE-2013-0297 [XSS vulnerability]
 	RESERVED
 	- owncloud <unfixed> (bug #701115)
@@ -4753,7 +4749,8 @@
 	NOTE: not verified, but list post mention v3.4 to v3.8 affected
 CVE-2013-0289 [missing SSL subject verification]
 	RESERVED
-	- isync <unfixed> (bug #701052)
+	- isync <unfixed> (low; bug #701052)
+	[squeeze] - isync <no-dsa> (Minor issue)
 	NOTE: http://isync.git.sourceforge.net/git/gitweb.cgi?p=isync/isync;a=patch;h=914ede18664980925628a9ed2a73ad05f85aeedb
 CVE-2013-0288
 	RESERVED
@@ -5053,7 +5050,7 @@
 	NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-001/
 CVE-2013-0200 [insecure temporary file handling flaws]
 	RESERVED
-	- hplip <unfixed>
+	- hplip <unfixed> (bug #701185)
 CVE-2013-0199
 	RESERVED
 	NOT-FOR-US: FreeIPA
@@ -7600,6 +7597,7 @@
 	NOT-FOR-US: Drupal contributed-module
 CVE-2012-5536
 	RESERVED
+	NOT-FOR-US: Red Hat-specific packaging flaw
 CVE-2012-5535
 	RESERVED
 	- gnome-system-log <not-affected> (Fedora-specific issue)

More information about the Secure-testing-commits mailing list