[Secure-testing-commits] r21419 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Mon Feb 25 09:25:46 UTC 2013
Author: jmm
Date: 2013-02-25 09:25:46 +0000 (Mon, 25 Feb 2013)
New Revision: 21419
Modified:
data/CVE/list
Log:
kernel fixes from point update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-02-25 08:53:56 UTC (rev 21418)
+++ data/CVE/list 2013-02-25 09:25:46 UTC (rev 21419)
@@ -1011,7 +1011,7 @@
RESERVED
CVE-2013-1763 [out-of-bounds access of the sock_diag_handlers[] array]
RESERVED
- - linux <not-affected> (appeared in 3.3)
+ - linux <not-affected> (Introduced in 3.3)
NOTE: 3.6.9 and 3.7.8 in experimental are affected, 3.8 will be fixed.
CVE-2013-1762
RESERVED
@@ -4584,7 +4584,6 @@
RESERVED
- linux <unfixed>
- linux-2.6 <removed>
- TODO: check, only added to the tracker
CVE-2013-0348 [sthttpd world-redable logdir]
RESERVED
NOT-FOR-US: sthttpd
@@ -4988,6 +4987,7 @@
RESERVED
- linux 3.2.39-1
- linux-2.6 <removed>
+ [squeeze] - linux-2.6 2.6.32-48
CVE-2013-0227
RESERVED
CVE-2013-0226
@@ -5019,9 +5019,11 @@
CVE-2013-0217 (Memory leak in drivers/net/xen-netback/netback.c in the Xen netback ...)
- linux 3.2.39-1
- linux-2.6 <removed>
+ [squeeze] - linux-2.6 2.6.32-48
CVE-2013-0216 (The Xen netback functionality in the Linux kernel before 3.7.8 allows ...)
- linux 3.2.39-1
- linux-2.6 <removed>
+ [squeeze] - linux-2.6 2.6.32-48
CVE-2013-0215
RESERVED
- xen <not-affected> (ocaml version of the xenstore daemon not used in Debian)
@@ -5110,6 +5112,7 @@
CVE-2013-0190 (The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 ...)
- linux 3.2.39-1
- linux-2.6 <removed>
+ [squeeze] - linux-2.6 2.6.32-47
CVE-2013-0189 (cachemgr.cgi in Squid 3.1.x and 3.2.x, possibly 3.1.22, 3.2.4, and ...)
{DSA-2631-1}
- squid 2.7.STABLE9-2
@@ -10306,6 +10309,7 @@
CVE-2012-4565 (The tcp_illinois_info function in net/ipv4/tcp_illinois.c in the Linux ...)
- linux 3.2.35-1
- linux-2.6 <removed>
+ [squeeze] - linux-2.6 2.6.32-48
CVE-2012-4564 (ppm2tiff does not check the return value of the TIFFScanlineSize ...)
{DSA-2575-1}
- tiff3 <not-affected> (The tiff-tools package is only built from the tiff source package)
@@ -10404,6 +10408,7 @@
CVE-2012-4530 (The load_script function in fs/binfmt_script.c in the Linux kernel ...)
- linux 3.2.35-1
- linux-2.6 <removed>
+ [squeeze] - linux-2.6 2.6.32-48
CVE-2012-4529
RESERVED
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server)
@@ -10636,6 +10641,7 @@
CVE-2012-4444 (The ip6_frag_queue function in net/ipv6/reassembly.c in the Linux ...)
- linux 2.6.36-1~experimental.1
- linux-2.6 <removed>
+ [squeeze] - linux-2.6 2.6.32-48
CVE-2012-4443 (Monkey HTTP Daemon 0.9.3 uses a real UID of root and a real GID of ...)
- monkey <removed> (unimportant; bug #688008)
CVE-2012-4442 (Monkey HTTP Daemon 0.9.3 retains the supplementary group IDs of the ...)
@@ -10808,6 +10814,7 @@
CVE-2012-4398 (The __request_module function in kernel/kmod.c in the Linux kernel ...)
- linux 3.2.35-1 (low)
- linux-2.6 <removed>
+ [squeeze] - linux-2.6 2.6.32-48
CVE-2012-4397 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before ...)
- owncloud 4.0.1debian-1
CVE-2012-4396 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before ...)
@@ -28898,6 +28905,7 @@
- libsndfile 1.0.25-1
CVE-2011-2695 (Multiple off-by-one errors in the ext4 subsystem in the Linux kernel ...)
- linux-2.6 3.0.0-1
+ [squeeze] - linux-2.6 2.6.32-48
CVE-2011-2694 (Cross-site scripting (XSS) vulnerability in the chg_passwd function in ...)
{DSA-2290-1}
- samba 2:3.5.10~dfsg-1 (low)
More information about the Secure-testing-commits
mailing list