[Secure-testing-commits] r23023 - data/CVE

Henri Salo fgeek-guest at alioth.debian.org
Sun Jul 21 10:21:30 UTC 2013 

Author: fgeek-guest
Date: 2013-07-21 10:21:30 +0000 (Sun, 21 Jul 2013)
New Revision: 23023

Modified:
   data/CVE/list
Log:
CVE-2013-1934 bts, NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-07-21 09:45:03 UTC (rev 23022)
+++ data/CVE/list	2013-07-21 10:21:30 UTC (rev 23023)
@@ -2456,7 +2456,7 @@
 CVE-2013-3755 (Unspecified vulnerability in the Oracle Access Manager component in ...)
 	TODO: check
 CVE-2013-3754 (Unspecified vulnerability in the Solaris Cluster component in Oracle ...)
-	TODO: check
+	NOT-FOR-US: Solaris
 CVE-2013-3753 (Unspecified vulnerability in Oracle Solaris 11 allows remote attackers ...)
 	NOT-FOR-US: Oracle Solaris
 CVE-2013-3752 (Unspecified vulnerability in Oracle Solaris 11 allows remote attackers ...)
@@ -2472,7 +2472,7 @@
 CVE-2013-3747 (Unspecified vulnerability in the Oracle Applications Technology Stack ...)
 	TODO: check
 CVE-2013-3746 (Unspecified vulnerability in the Solaris Cluster component in Oracle ...)
-	TODO: check
+	NOT-FOR-US: Solaris
 CVE-2013-3745 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows ...)
 	NOT-FOR-US: Oracle Solaris
 CVE-2013-3744 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
@@ -3079,7 +3079,7 @@
 CVE-2013-3492
 	RESERVED
 CVE-2013-3491 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin sharebar
 CVE-2013-3490
 	RESERVED
 CVE-2013-3489
@@ -7198,14 +7198,11 @@
 	- linux <unfixed>
 	- linux-2.6 <removed>
 	NOTE: Might be RHEL-specific, contacted Red Hat
-CVE-2013-1934 [mantis: XSS issue on Configuration Report page when displaying complex value]
+CVE-2013-1934 [mantis: XSS issue in adm_config_report.php when displaying complex value]
 	RESERVED
-	- mantis <unfixed> (low)
+	- mantis <unfixed> (low; bug #717482)
 	[wheezy] - mantis <no-dsa> (Minor issue)
 	[squeeze] - mantis <no-dsa> (Minor issue)
-	TODO: File bug
-	NOTE: http://www.openwall.com/lists/oss-security/2013/04/04/8
-	NOTE: http://www.mantisbt.org/bugs/view.php?id=15416
 CVE-2013-1933 (The extract_from_ocr function in lib/docsplit/text_extractor.rb in the ...)
 	NOT-FOR-US: Karteek Docsplit Ruby Gem
 CVE-2013-1932 [mantis: XSS vulnerability on Configuration Report page]

More information about the Secure-testing-commits mailing list