[Secure-testing-commits] r21421 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Mon Feb 25 15:21:12 UTC 2013


Author: jmm
Date: 2013-02-25 15:21:12 +0000 (Mon, 25 Feb 2013)
New Revision: 21421

Modified:
   data/CVE/list
Log:
bugzilla no-dsa, add ITP records for bugzilla4
new ruby-parser issue
new webfs issue (no-dsa)
new fusionforge issue
ekiga no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-02-25 09:48:44 UTC (rev 21420)
+++ data/CVE/list	2013-02-25 15:21:12 UTC (rev 21421)
@@ -1812,6 +1812,7 @@
 	RESERVED
 CVE-2013-1423
 	RESERVED
+	- fusionforge <unfixed>
 CVE-2013-1422
 	RESERVED
 CVE-2013-1421
@@ -3204,12 +3205,14 @@
 	RESERVED
 CVE-2013-0786 [information leak flaws]
 	RESERVED
-	- bugzilla <unfixed>
-	TODO: check
+	- bugzilla <removed> (low)
+	[squeeze] - bugzilla <no-dsa> (Minor issue)
+	- bugzilla4 <itp> (bug #669643)
 CVE-2013-0785 [XSS flaws]
 	RESERVED
-	- bugzilla <unfixed>
-	TODO: check
+	- bugzilla <removed> (low)
+	[squeeze] - bugzilla <no-dsa> (Minor issue)
+	- bugzilla4 <itp> (bug #669643)
 CVE-2013-0784 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
 	- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
 	- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
@@ -4589,7 +4592,8 @@
 	NOT-FOR-US: sthttpd
 CVE-2013-0347 [webfs world-readable logdir]
 	RESERVED
-	TODO: check
+	- webfs <unfixed> (low)
+	[squeeze] - webfs <no-dsa> (Minor issue)
 	NOTE: CVE request http://www.openwall.com/lists/oss-security/2013/02/22/16
 CVE-2013-0346 [tomcat world-readable logdir]
 	RESERVED
@@ -5213,7 +5217,7 @@
 	RESERVED
 CVE-2013-0162 [insecure temporary file usage]
 	RESERVED
-	TODO: check if ruby-parser is affected
+	- ruby-parser <unfixed>
 	NOTE: http://www.openwall.com/lists/oss-security/2013/02/22/5
 CVE-2013-0161
 	RESERVED
@@ -7396,7 +7400,8 @@
 	NOT-FOR-US: OpenShift
 CVE-2012-5621 [Ekiga (x < 4.0.0): DoS (crash) after receiving call from other party with not UTF-8 valid name]
 	RESERVED
-	- ekiga <unfixed>
+	- ekiga <unfixed> (low)
+	[squeeze] - ekiga <no-dsa> (Minor issue)
 CVE-2012-5620
 	RESERVED
 	NOT-FOR-US: Docecot non-issue, see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695138#15




More information about the Secure-testing-commits mailing list