[Secure-testing-commits] r22455 - data/CVE

Joey Hess joeyh at alioth.debian.org
Sun Jun 2 21:14:29 UTC 2013


Author: joeyh
Date: 2013-06-02 21:14:29 +0000 (Sun, 02 Jun 2013)
New Revision: 22455

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-06-02 21:14:10 UTC (rev 22454)
+++ data/CVE/list	2013-06-02 21:14:29 UTC (rev 22455)
@@ -400,6 +400,7 @@
 CVE-2013-3563
 	RESERVED
 CVE-2013-3562 (Multiple integer signedness errors in the tvb_unmasked function in ...)
+	{DSA-2700-1}
 	- wireshark 1.8.7-1 (bug #709167)
 	[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8499
@@ -410,25 +411,30 @@
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8448
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2013-29.html
 CVE-2013-3560 (The dissect_dsmcc_un_download function in ...)
+	{DSA-2700-1}
 	- wireshark 1.8.7-1 (unimportant; bug #709167)
 	[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2013-28.html
 	NOTE: Not suitable for code injection
 CVE-2013-3559 (epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in ...)
+	{DSA-2700-1}
 	- wireshark 1.8.7-1 (bug #709167)
 	[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2013-27.html
 CVE-2013-3558 (The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c ...)
+	{DSA-2700-1}
 	- wireshark 1.8.7-1 (bug #709167)
 	[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2013-26.html
 CVE-2013-3557 (The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ...)
+	{DSA-2700-1}
 	- wireshark 1.8.7-1 (unimportant; bug #709167)
 	NOTE: Not suitable for code injection
 CVE-2013-3556 (The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 ...)
 	- wireshark <not-affected> (Only affected the dev trunk)
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2013-25.html (r48943)
 CVE-2013-3555 (epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark ...)
+	{DSA-2700-1}
 	- wireshark 1.8.7-1 (bug #709167)
 	[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2013-24.html
@@ -936,7 +942,8 @@
 	RESERVED
 CVE-2013-3316
 	RESERVED
-CVE-2013-3315 (The server in TIBCO Silver Mobile 1.1.0 does not properly verify access ...)
+CVE-2013-3315
+	RESERVED
 	NOT-FOR-US: TIBCO
 CVE-2013-3314
 	RESERVED
@@ -5090,34 +5097,42 @@
 CVE-2013-1682
 	RESERVED
 CVE-2013-1681 (Use-after-free vulnerability in the ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 CVE-2013-1680 (Use-after-free vulnerability in the nsFrameList::FirstChild function ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 CVE-2013-1679 (Use-after-free vulnerability in the ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 CVE-2013-1678 (The _cairo_xlib_surface_add_glyph function in Mozilla Firefox before ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 CVE-2013-1677 (The gfxSkipCharsIterator::SetOffsets function in Mozilla Firefox ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 CVE-2013-1676 (The SelectionIterator::GetNextSegment function in Mozilla Firefox ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 CVE-2013-1675 (Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 CVE-2013-1674 (Use-after-free vulnerability in Mozilla Firefox before 21.0, Firefox ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
@@ -5132,6 +5147,7 @@
 	[wheezy] - iceweasel <not-affected> (Doesn't affect ESR 17 series)
 	NOTE: fixed in experimental in 21.0-1
 CVE-2013-1670 (The Chrome Object Wrapper (COW) implementation in Mozilla Firefox ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
@@ -6249,9 +6265,11 @@
 	NOT-FOR-US: Orchard
 CVE-2012-0722
 	REJECTED
-CVE-2013-1247 (Cross-site scripting (XSS) vulnerability in the wireless configuration ...)
+CVE-2013-1247
+	RESERVED
 	NOT-FOR-US: Cisco
-CVE-2013-1246 (Cisco TelePresence System Software does not properly handle inactive ...)
+CVE-2013-1246
+	RESERVED
 	NOT-FOR-US: Cisco
 CVE-2013-1245 (The user-management page in Cisco WebEx Social relies on client-side ...)
 	NOT-FOR-US: Cisco WebEx Social
@@ -7345,10 +7363,12 @@
 CVE-2013-0802
 	RESERVED
 CVE-2013-0801 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.6esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 CVE-2013-0800 (Integer signedness error in the pixman_fill_sse2 function in ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.5esr-1
 	- icedove 17.0.5-1
 	- iceape <unfixed>
@@ -7363,10 +7383,12 @@
 CVE-2013-0797 (Untrusted search path vulnerability in the Mozilla Updater in Mozilla ...)
 	- iceweasel <not-affected> (Only affects Firefox on Windows)
 CVE-2013-0796 (The WebGL subsystem in Mozilla Firefox before 20.0, Firefox ESR 17.x ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.5esr-1
 	- icedove 17.0.5-1
 	- iceape <unfixed>
 CVE-2013-0795 (The System Only Wrapper (SOW) implementation in Mozilla Firefox before ...)
+	{DSA-2699-1}
 	- icedove <unfixed>
 	- iceape <unfixed>
 	- iceweasel 17.0.5esr-1
@@ -7374,6 +7396,7 @@
 	- iceweasel 17.0.5esr-1 (low)
 	- iceape <unfixed> (low)
 CVE-2013-0793 (Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.5esr-1
 	- icedove 17.0.5-1
 	- iceape <unfixed>
@@ -7390,10 +7413,12 @@
 	- icedove <not-affected> (Only affects Firefox 19)
 	- iceape <not-affected> (Only affects Firefox 19)
 CVE-2013-0788 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.5esr-1
 	- iceape <unfixed>
 	- icedove 17.0.5-1
 CVE-2013-0787 (Use-after-free vulnerability in the nsEditor::IsPreformatted function ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.5esr-1
 	- icedove 17.0.5-1
 	- iceape <unfixed>
@@ -7411,11 +7436,13 @@
 	- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
 	- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
 CVE-2013-0783 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.5esr-1 (bug #703071)
 	- icedove 17.0.5-1
 	- iceape <unfixed>
 	NOTE: Fixed in experimental in 19.0-1, update when enters unstable
 CVE-2013-0782 (Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.5esr-1 (bug #703071)
 	- icedove 17.0.5-1
 	- iceape <unfixed>
@@ -7425,6 +7452,7 @@
 	- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
 	- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
 CVE-2013-0780 (Use-after-free vulnerability in the ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.5esr-1 (bug #703071)
 	- icedove 17.0.5-1
 	- iceape <unfixed>
@@ -7442,11 +7470,13 @@
 	- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
 	- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
 CVE-2013-0776 (Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.5esr-1 (bug #703071)
 	- icedove 17.0.5-1
 	- iceape <unfixed>
 	NOTE: Fixed in experimental in 19.0-1, update when enters unstable
 CVE-2013-0775 (Use-after-free vulnerability in the ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.5esr-1 (bug #703071)
 	- icedove 17.0.5-1
 	- iceape <unfixed>
@@ -7456,6 +7486,7 @@
 	- iceweasel <not-affected> (Introduced in Firefox 15)
 	- icedove <not-affected> (Introduced in Firefox 15)
 CVE-2013-0773 (The Chrome Object Wrapper (COW) and System Only Wrapper (SOW) ...)
+	{DSA-2699-1}
 	- iceweasel 17.0.5esr-1 (bug #703071)
 	- icedove 17.0.5-1
 	- iceape <unfixed>
@@ -25445,7 +25476,7 @@
 CVE-2003-1598
 	RESERVED
 CVE-2002-2443 (schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) ...)
-	{DSA-2698-1}
+	{DSA-2701-1 DSA-2698-1}
 	- krb5 1.10.1+dfsg-6 (bug #708267)
 	NOTE: http://krbdev.mit.edu/rt/Ticket/Display.html?id=7637
 	NOTE: https://github.com/krb5/krb5/commit/cf1a0c411b2668c57c41e9c4efd15ba17b6b322c




More information about the Secure-testing-commits mailing list