[Secure-testing-commits] r21419 - data/CVE

Mon Feb 25 09:25:46 UTC 2013

Author: jmm
Date: 2013-02-25 09:25:46 +0000 (Mon, 25 Feb 2013)
New Revision: 21419

Modified:
   data/CVE/list
Log:
kernel fixes from point update


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2013-02-25 08:53:56 UTC (rev 21418)
+++ data/CVE/list	2013-02-25 09:25:46 UTC (rev 21419)
@@ -1011,7 +1011,7 @@
 	RESERVED
 CVE-2013-1763 [out-of-bounds access of the sock_diag_handlers[] array]
 	RESERVED
-	- linux <not-affected> (appeared in 3.3)
+	- linux <not-affected> (Introduced in 3.3)
 	NOTE: 3.6.9 and 3.7.8 in experimental are affected, 3.8 will be fixed.
 CVE-2013-1762
 	RESERVED
@@ -4584,7 +4584,6 @@
 	RESERVED
 	- linux <unfixed>
 	- linux-2.6 <removed>
-	TODO: check, only added to the tracker
 CVE-2013-0348 [sthttpd world-redable logdir]
 	RESERVED
 	NOT-FOR-US: sthttpd
@@ -4988,6 +4987,7 @@
 	RESERVED
 	- linux 3.2.39-1
 	- linux-2.6 <removed>
+	[squeeze] - linux-2.6 2.6.32-48
 CVE-2013-0227
 	RESERVED
 CVE-2013-0226
@@ -5019,9 +5019,11 @@
 CVE-2013-0217 (Memory leak in drivers/net/xen-netback/netback.c in the Xen netback ...)
 	- linux 3.2.39-1
 	- linux-2.6 <removed>
+	[squeeze] - linux-2.6 2.6.32-48
 CVE-2013-0216 (The Xen netback functionality in the Linux kernel before 3.7.8 allows ...)
 	- linux 3.2.39-1
 	- linux-2.6 <removed>
+	[squeeze] - linux-2.6 2.6.32-48
 CVE-2013-0215
 	RESERVED
 	- xen <not-affected> (ocaml version of the xenstore daemon not used in Debian)
@@ -5110,6 +5112,7 @@
 CVE-2013-0190 (The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 ...)
 	- linux 3.2.39-1
 	- linux-2.6 <removed>
+	[squeeze] - linux-2.6 2.6.32-47
 CVE-2013-0189 (cachemgr.cgi in Squid 3.1.x and 3.2.x, possibly 3.1.22, 3.2.4, and ...)
 	{DSA-2631-1}
 	- squid 2.7.STABLE9-2
@@ -10306,6 +10309,7 @@
 CVE-2012-4565 (The tcp_illinois_info function in net/ipv4/tcp_illinois.c in the Linux ...)
 	- linux 3.2.35-1
 	- linux-2.6 <removed>
+	[squeeze] - linux-2.6 2.6.32-48
 CVE-2012-4564 (ppm2tiff does not check the return value of the TIFFScanlineSize ...)
 	{DSA-2575-1}
 	- tiff3 <not-affected> (The tiff-tools package is only built from the tiff source package)
@@ -10404,6 +10408,7 @@
 CVE-2012-4530 (The load_script function in fs/binfmt_script.c in the Linux kernel ...)
 	- linux 3.2.35-1
 	- linux-2.6 <removed>
+	[squeeze] - linux-2.6 2.6.32-48
 CVE-2012-4529
 	RESERVED
 	- jbossas4 <not-affected> (Only builds a few libraries, not the full application server)
@@ -10636,6 +10641,7 @@
 CVE-2012-4444 (The ip6_frag_queue function in net/ipv6/reassembly.c in the Linux ...)
 	- linux 2.6.36-1~experimental.1
 	- linux-2.6 <removed>
+	[squeeze] - linux-2.6 2.6.32-48
 CVE-2012-4443 (Monkey HTTP Daemon 0.9.3 uses a real UID of root and a real GID of ...)
 	- monkey <removed> (unimportant; bug #688008)
 CVE-2012-4442 (Monkey HTTP Daemon 0.9.3 retains the supplementary group IDs of the ...)
@@ -10808,6 +10814,7 @@
 CVE-2012-4398 (The __request_module function in kernel/kmod.c in the Linux kernel ...)
 	- linux 3.2.35-1 (low)
 	- linux-2.6 <removed>
+	[squeeze] - linux-2.6 2.6.32-48
 CVE-2012-4397 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before ...)
 	- owncloud 4.0.1debian-1
 CVE-2012-4396 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before ...)
@@ -28898,6 +28905,7 @@
 	- libsndfile 1.0.25-1 
 CVE-2011-2695 (Multiple off-by-one errors in the ext4 subsystem in the Linux kernel ...)
 	- linux-2.6 3.0.0-1
+	[squeeze] - linux-2.6 2.6.32-48
 CVE-2011-2694 (Cross-site scripting (XSS) vulnerability in the chg_passwd function in ...)
 	{DSA-2290-1}
 	- samba 2:3.5.10~dfsg-1 (low)


