[Secure-testing-commits] r23008 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Fri Jul 19 05:06:25 UTC 2013
Author: jmm
Date: 2013-07-19 05:06:24 +0000 (Fri, 19 Jul 2013)
New Revision: 23008
Modified:
data/CVE/list
Log:
fix kde entries and add N/A for the right bug, mark the mem leak issue is unimportant
one mongodb issue fixed, for a second CVE there's some CVE misassignment; I've sent a
mail to oss-sec
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-07-18 21:14:37 UTC (rev 23007)
+++ data/CVE/list 2013-07-19 05:06:24 UTC (rev 23008)
@@ -470,7 +470,7 @@
CVE-2013-4651
RESERVED
CVE-2013-4650 (MongoDB 2.4.x before 2.4.5 and 2.5.x before 2.5.1 allows remote ...)
- - mongodb <unfixed> (bug #715007)
+ - mongodb 1:2.4.5-1 (bug #715007)
[squeeze] - mongodb <not-affected> (Only affects 2.4.x)
[wheezy] - mongodb <not-affected> (Only affects 2.4.x)
CVE-2013-4649
@@ -1539,13 +1539,14 @@
RESERVED
CVE-2013-4133 [memory leak]
RESERVED
- - kde-workspace <unfixed> (low; bug #717180)
- [wheezy] - kde-workspace <not-affected> (Only exploitable with glibc 2.17)
- - kdebase-workspace <not-affected> (Only exploitable with glibc 2.17)
+ - kde-workspace <unfixed> (unimportant; bug #717180)
NOTE: https://bugs.kde.org/show_bug.cgi?id=314919
+ NOTE: Plain bug, security implication rather far-fetched
CVE-2013-4132 [NULL pointer dereference]
RESERVED
- kde-workspace <unfixed>
+ [wheezy] - kde-workspace <not-affected> (Only exploitable with glibc 2.17)
+ - kdebase-workspace <not-affected> (Only exploitable with glibc 2.17)
NOTE: https://git.reviewboard.kde.org/r/111261/
NOTE: https://projects.kde.org/projects/kde/kde-workspace/repository/revisions/45b7f137fbc0b942fd2c9b4e8d8c1f0293e64ba7
NOTE: only relevant with eglibc >= 2.17.
More information about the Secure-testing-commits
mailing list