[Secure-testing-commits] r21383 - data/CVE

Joey Hess joeyh at alioth.debian.org
Fri Feb 22 21:14:23 UTC 2013 

Author: joeyh
Date: 2013-02-22 21:14:22 +0000 (Fri, 22 Feb 2013)
New Revision: 21383

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-02-22 14:48:51 UTC (rev 21382)
+++ data/CVE/list	2013-02-22 21:14:22 UTC (rev 21383)
@@ -1,3 +1,9 @@
+CVE-2013-2267
+	RESERVED
+CVE-2013-2266
+	RESERVED
+CVE-2013-2265
+	RESERVED
 CVE-2013-XXXX [varnish world-readable logdir]
 	TODO: check if varnish is affected
 	NOTE: CVE request http://www.openwall.com/lists/oss-security/2013/02/22/14
@@ -3400,8 +3406,8 @@
 	RESERVED
 CVE-2013-0731
 	RESERVED
-CVE-2013-0730
-	RESERVED
+CVE-2013-0730 (Multiple cross-site scripting (XSS) vulnerabilities in Newscoop 4.x ...)
+	TODO: check
 CVE-2013-0729
 	RESERVED
 CVE-2013-0728
@@ -3501,8 +3507,8 @@
 	RESERVED
 CVE-2013-0707
 	RESERVED
-CVE-2013-0706
-	RESERVED
+CVE-2013-0706 (NEC Universal RAID Utility 1.40 Rev 680 and earlier, 2.31 Rev 1492 and ...)
+	TODO: check
 CVE-2013-0705 (Directory traversal vulnerability in LSI 3ware Disk Manager (3DM) ...)
 	NOT-FOR-US: LSI 3ware Disk Manager
 CVE-2013-0704 (Directory traversal vulnerability in the GREE application before 1.3.3 ...)
@@ -3722,9 +3728,9 @@
 	RESERVED
 CVE-2013-0642 (Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x ...)
 	NOT-FOR-US: Adobe Flash Plugin
-CVE-2013-0641 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x through ...)
+CVE-2013-0641 (Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.4, 10.x ...)
 	NOT-FOR-US: Adobe Reader
-CVE-2013-0640 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x through ...)
+CVE-2013-0640 (Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and ...)
 	NOT-FOR-US: Adobe Reader
 CVE-2013-0639 (Integer overflow in Adobe Flash Player before 10.3.183.63 and 11.x ...)
 	NOT-FOR-US: Adobe Flash Plugin
@@ -4672,22 +4678,18 @@
 	RESERVED
 CVE-2013-0314
 	RESERVED
-CVE-2013-0313
-	RESERVED
+CVE-2013-0313 (The evm_update_evmxattr function in ...)
 	- linux <unfixed>
 	- linux-2.6 <not-affected> (Vulnerable code not present)
 CVE-2013-0312
 	RESERVED
-CVE-2013-0311
-	RESERVED
+CVE-2013-0311 (The translate_desc function in drivers/vhost/vhost.c in the Linux ...)
 	- linux <unfixed>
 	- linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2013-0310
-	RESERVED
+CVE-2013-0310 (The cipso_v4_validate function in net/ipv4/cipso_ipv4.c in the Linux ...)
 	- linux <unfixed>
 	- linux-2.6 <not-affected> (Vulnerable code not present)
-CVE-2013-0309
-	RESERVED
+CVE-2013-0309 (arch/x86/include/asm/pgtable.h in the Linux kernel before 3.6.2, when ...)
 	- linux <unfixed>
 	- linux-2.6 <removed>
 CVE-2013-0308
@@ -7602,8 +7604,7 @@
 	NOT-FOR-US: Drupal contributed-module
 CVE-2012-5537 (The Simplenews Scheduler module 6.x-2.x before 6.x-2.4 for Drupal ...)
 	NOT-FOR-US: Drupal contributed-module
-CVE-2012-5536
-	RESERVED
+CVE-2012-5536 (A certain Red Hat build of the pam_ssh_agent_auth module on Red Hat ...)
 	NOT-FOR-US: Red Hat-specific packaging flaw
 CVE-2012-5535
 	RESERVED

More information about the Secure-testing-commits mailing list