[Secure-testing-commits] r21382 - in data: CVE DSA

Fri Feb 22 14:48:51 UTC 2013

Author: jmm
Date: 2013-02-22 14:48:51 +0000 (Fri, 22 Feb 2013)
New Revision: 21382

Modified:
   data/CVE/list
   data/DSA/list
Log:
owncloud no-dsa
one polasssl issue was rejected, remove it from DSA entry


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2013-02-22 14:40:50 UTC (rev 21381)
+++ data/CVE/list	2013-02-22 14:48:51 UTC (rev 21382)
@@ -1331,8 +1331,6 @@
 	- mysql-5.5 <unfixed> (bug #699886)
 CVE-2013-1622
 	REJECTED
-	{DSA-2622-1}
-	- polarssl 1.1.4-2 (bug #699887)
 CVE-2013-1621 (Array index error in the SSL module in PolarSSL before 1.2.5 might ...)
 	{DSA-2622-1}
 	- polarssl 1.1.4-2 (bug #699887)
@@ -8363,9 +8361,9 @@
 	[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
 CVE-2012-5236 [Admin can decrypt user files]
 	RESERVED
-	- owncloud <unfixed>
+	- owncloud <unfixed> (low)
+	[wheezy] - owncloud <no-dsa> (Low risk, requires entensive changes, will be fully fixed in 5.0)
 	NOTE: http://owncloud.org/about/security/advisories/CVE-2012-5236/
-	TODO: check
 CVE-2012-5235
 	RESERVED
 CVE-2012-5234 (Open redirect vulnerability in index.php in ocPortal before 7.1.6 ...)

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2013-02-22 14:40:50 UTC (rev 21381)
+++ data/DSA/list	2013-02-22 14:48:51 UTC (rev 21382)
@@ -23,7 +23,7 @@
 	{CVE-2012-6128}
 	[squeeze] - openconnect 2.25-0.1+squeeze2
 [13 Feb 2013] DSA-2622-1 polarssl - several
-	{CVE-2013-0169 CVE-2013-1621 CVE-2013-1622}
+	{CVE-2013-0169 CVE-2013-1621}
 	[squeeze] - polarssl 0.12.1-1squeeze1
 [13 Feb 2013] DSA-2621-1 openssl - several vulnerabilities
 	{CVE-2013-0166 CVE-2013-0169}


