[Secure-testing-commits] r22973 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Wed Jul 17 07:54:09 UTC 2013 

Author: jmm
Date: 2013-07-17 07:54:09 +0000 (Wed, 17 Jul 2013)
New Revision: 22973

Modified:
   data/CVE/list
Log:
one java issue specific to java 7
minidlna no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-07-17 07:44:30 UTC (rev 22972)
+++ data/CVE/list	2013-07-17 07:54:09 UTC (rev 22973)
@@ -4683,9 +4683,9 @@
 	RESERVED
 CVE-2013-2745 [SQL Injection]
 	RESERVED
-	- minidlna <unfixed> (bug #717131)
+	- minidlna <unfixed> (low; bug #717131)
+	[wheezy] - minidlna <no-dsa> (Minor issue, DLNA only used in a trusted context)
 	NOTE: http://www.securityfocus.com/archive/1/527299/30/0
-	TODO: check
 CVE-2013-2744 (importbuddy.php in the BackupBuddy plugin 2.2.25 for WordPress allows ...)
 	NOT-FOR-US: BackupBuddy plugin for WordPress
 CVE-2013-2743 (importbuddy.php in the BackupBuddy plugin 1.3.4, 2.1.4, 2.2.25, ...)
@@ -4698,14 +4698,14 @@
 	RESERVED
 CVE-2013-2739 [heap-based buffer overflow]
 	RESERVED
-	- minidlna <unfixed> (bug #717131)
+	- minidlna <unfixed> (low; bug #717131)
+	[wheezy] - minidlna <no-dsa> (Minor issue, DLNA only used in a trusted context)
 	NOTE: http://www.securityfocus.com/archive/1/527299/30/0
-	TODO: check
 CVE-2013-2738 [SQL Injection]
 	RESERVED
-	- minidlna <unfixed> (bug #717131)
+	- minidlna <unfixed> (low; bug #717131)
 	NOTE: http://www.securityfocus.com/archive/1/527299/30/0
-	TODO: check
+	[wheezy] - minidlna <no-dsa> (Minor issue, DLNA only used in a trusted context)
 CVE-2013-2737 (A JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x ...)
 	NOT-FOR-US: Adobe Reader
 CVE-2013-2736 (Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and ...)
@@ -5482,7 +5482,7 @@
 	- openjdk-7 7u25-2.3.10-1
 CVE-2013-2454 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	{DSA-2722-1}
-	- openjdk-6 <unfixed>
+	- openjdk-6 <not-affected> (Only affects Java 7)
 	- openjdk-7 7u25-2.3.10-1
 CVE-2013-2453 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	{DSA-2722-1}

More information about the Secure-testing-commits mailing list