[Secure-testing-commits] r21048 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Fri Jan 25 21:14:30 UTC 2013
Author: joeyh
Date: 2013-01-25 21:14:29 +0000 (Fri, 25 Jan 2013)
New Revision: 21048
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-01-25 19:26:46 UTC (rev 21047)
+++ data/CVE/list 2013-01-25 21:14:29 UTC (rev 21048)
@@ -1,3 +1,15 @@
+CVE-2013-1419
+ RESERVED
+CVE-2013-1418
+ RESERVED
+CVE-2013-1417
+ RESERVED
+CVE-2013-1416
+ RESERVED
+CVE-2013-1415
+ RESERVED
+CVE-2013-1414
+ RESERVED
CVE-2013-XXXX [wordpress: server-side request forgery and remote port scanning using pingbacks]
- wordpress <unfixed> (bug #698916)
TODO: check if squeeze is affected
@@ -703,14 +715,14 @@
RESERVED
CVE-2013-1106
RESERVED
-CVE-2013-1105
- RESERVED
-CVE-2013-1104
- RESERVED
-CVE-2013-1103
- RESERVED
-CVE-2013-1102
- RESERVED
+CVE-2013-1105 (Cisco Wireless LAN Controller (WLC) devices with software 7.0 before ...)
+ TODO: check
+CVE-2013-1104 (The HTTP Profiling functionality on Cisco Wireless LAN Controller ...)
+ TODO: check
+CVE-2013-1103 (Cisco Wireless LAN Controller (WLC) devices with software 7.0 before ...)
+ TODO: check
+CVE-2013-1102 (The Wireless Intrusion Prevention System (wIPS) component on Cisco ...)
+ TODO: check
CVE-2013-1101
RESERVED
CVE-2013-1100
@@ -1227,20 +1239,15 @@
RESERVED
CVE-2013-0844
RESERVED
-CVE-2013-0843
- RESERVED
+CVE-2013-0843 (content/renderer/media/webrtc_audio_renderer.cc in Google Chrome ...)
- chromium-browser <not-affected> (MacOS-specific)
-CVE-2013-0842
- RESERVED
+CVE-2013-0842 (Google Chrome before 24.0.1312.56 does not properly handle %00 ...)
- chromium-browser <unfixed>
-CVE-2013-0841
- RESERVED
+CVE-2013-0841 (Array index error in the content-blocking functionality in Google ...)
- chromium-browser <unfixed>
-CVE-2013-0840
- RESERVED
+CVE-2013-0840 (Google Chrome before 24.0.1312.56 does not validate URLs during the ...)
- chromium-browser <unfixed>
-CVE-2013-0839
- RESERVED
+CVE-2013-0839 (Use-after-free vulnerability in Google Chrome before 24.0.1312.56 ...)
- chromium-browser <unfixed>
CVE-2013-0838 (Google Chrome before 24.0.1312.52 on Linux uses weak permissions for ...)
- chromium-browser <unfixed>
@@ -1706,22 +1713,22 @@
CVE-2012-6453 (Cross-site scripting (XSS) vulnerability in the RSS Reader extension ...)
{DSA-2596-1}
- mediawiki-extensions 2.11 (bug #696179)
-CVE-2012-6442
- RESERVED
-CVE-2012-6441
- RESERVED
-CVE-2012-6440
- RESERVED
-CVE-2012-6439
- RESERVED
-CVE-2012-6438
- RESERVED
-CVE-2012-6437
- RESERVED
-CVE-2012-6436
- RESERVED
-CVE-2012-6435
- RESERVED
+CVE-2012-6442 (Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, ...)
+ TODO: check
+CVE-2012-6441 (Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, ...)
+ TODO: check
+CVE-2012-6440 (The web-server password-authentication functionality in Rockwell ...)
+ TODO: check
+CVE-2012-6439 (Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, ...)
+ TODO: check
+CVE-2012-6438 (Buffer overflow in Rockwell Automation EtherNet/IP products; ...)
+ TODO: check
+CVE-2012-6437 (Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, ...)
+ TODO: check
+CVE-2012-6436 (Buffer overflow in Rockwell Automation EtherNet/IP products; ...)
+ TODO: check
+CVE-2012-6435 (Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, ...)
+ TODO: check
CVE-2012-6434 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
NOT-FOR-US: e107
CVE-2012-6433 (Cross-site request forgery (CSRF) vulnerability in ...)
@@ -3361,8 +3368,8 @@
RESERVED
CVE-2012-6273
RESERVED
-CVE-2012-6272
- RESERVED
+CVE-2012-6272 (Multiple cross-site scripting (XSS) vulnerabilities in Dell OpenManage ...)
+ TODO: check
CVE-2012-6271 (Adobe Shockwave Player through 11.6.8.638 allows remote attackers to ...)
NOT-FOR-US: Adobe Shockwave
CVE-2012-6270 (Adobe Shockwave Player through 11.6.8.638 allows remote attackers to ...)
@@ -3764,8 +3771,7 @@
CVE-2012-6096 (Multiple stack-based buffer overflows in the get_history function in ...)
- icinga 1.7.1-5 (bug #697931)
- nagios3 <unfixed> (bug #697930)
-CVE-2012-6095 [Possible symlink race when applying UserOwner]
- RESERVED
+CVE-2012-6095 (ProFTPD before 1.3.5rc1, when using the UserOwner directive, allows ...)
{DSA-2606-1}
- proftpd-dfsg 1.3.4a-3 (bug #697524)
CVE-2012-6094
@@ -5006,8 +5012,8 @@
NOT-FOR-US: RealPlayer
CVE-2012-5690 (RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 ...)
NOT-FOR-US: RealPlayer
-CVE-2012-5689
- RESERVED
+CVE-2012-5689 (ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain ...)
+ TODO: check
CVE-2012-5688 (ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 ...)
- bind9 1:9.8.4.dfsg.P1-1 (bug #695192)
[squeeze] - bind9 <not-affected> (Only affects 9.8 and 9.9)
@@ -5092,19 +5098,16 @@
CVE-2012-5671 (Heap-based buffer overflow in the dkim_exim_query_dns_txt function in ...)
{DSA-2566-1}
- exim4 4.80-5.1 (medium)
-CVE-2012-5670 [Out-of-bounds write in _bdf_parse_glyphs]
- RESERVED
+CVE-2012-5670 (The _bdf_parse_glyphs function in FreeType before 2.4.11 allows ...)
- freetype 2.4.9-1.1 (bug #696691)
[squeeze] - freetype <not-affected> (Version in Squeeze doesn't parse alternative encoding format yet)
NOTE: https://savannah.nongnu.org/bugs/?37907
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7f2e4f4f553f6836be7683f66226afac3fa979b8
-CVE-2012-5669 [heap buffer over-read in BDF parsing _bdf_parse_glyphs()]
- RESERVED
+CVE-2012-5669 (The _bdf_parse_glyphs function in FreeType before 2.4.11 allows ...)
- freetype 2.4.9-1.1 (unimportant; bug #696691)
NOTE: https://savannah.nongnu.org/bugs/?37906
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=07bdb6e289c7954e2a533039dc93c1c136099d2d
-CVE-2012-5668 [NULL Pointer Dereference in bdf_free_font]
- RESERVED
+CVE-2012-5668 (FreeType before 2.4.11 allows context-dependent attackers to cause a ...)
- freetype 2.4.9-1.1 (unimportant; bug #696691)
NOTE: https://savannah.nongnu.org/bugs/?37905
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9b6b5754b57c12b820e01305eb69b8863a161e5a
More information about the Secure-testing-commits
mailing list