[Secure-testing-commits] r22455 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Sun Jun 2 21:14:29 UTC 2013
Author: joeyh
Date: 2013-06-02 21:14:29 +0000 (Sun, 02 Jun 2013)
New Revision: 22455
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-06-02 21:14:10 UTC (rev 22454)
+++ data/CVE/list 2013-06-02 21:14:29 UTC (rev 22455)
@@ -400,6 +400,7 @@
CVE-2013-3563
RESERVED
CVE-2013-3562 (Multiple integer signedness errors in the tvb_unmasked function in ...)
+ {DSA-2700-1}
- wireshark 1.8.7-1 (bug #709167)
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8499
@@ -410,25 +411,30 @@
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8448
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-29.html
CVE-2013-3560 (The dissect_dsmcc_un_download function in ...)
+ {DSA-2700-1}
- wireshark 1.8.7-1 (unimportant; bug #709167)
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-28.html
NOTE: Not suitable for code injection
CVE-2013-3559 (epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in ...)
+ {DSA-2700-1}
- wireshark 1.8.7-1 (bug #709167)
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-27.html
CVE-2013-3558 (The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c ...)
+ {DSA-2700-1}
- wireshark 1.8.7-1 (bug #709167)
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-26.html
CVE-2013-3557 (The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ...)
+ {DSA-2700-1}
- wireshark 1.8.7-1 (unimportant; bug #709167)
NOTE: Not suitable for code injection
CVE-2013-3556 (The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 ...)
- wireshark <not-affected> (Only affected the dev trunk)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-25.html (r48943)
CVE-2013-3555 (epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark ...)
+ {DSA-2700-1}
- wireshark 1.8.7-1 (bug #709167)
[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-24.html
@@ -936,7 +942,8 @@
RESERVED
CVE-2013-3316
RESERVED
-CVE-2013-3315 (The server in TIBCO Silver Mobile 1.1.0 does not properly verify access ...)
+CVE-2013-3315
+ RESERVED
NOT-FOR-US: TIBCO
CVE-2013-3314
RESERVED
@@ -5090,34 +5097,42 @@
CVE-2013-1682
RESERVED
CVE-2013-1681 (Use-after-free vulnerability in the ...)
+ {DSA-2699-1}
- iceweasel 17.0.6esr-1
- icedove <unfixed>
- iceape <unfixed>
CVE-2013-1680 (Use-after-free vulnerability in the nsFrameList::FirstChild function ...)
+ {DSA-2699-1}
- iceweasel 17.0.6esr-1
- icedove <unfixed>
- iceape <unfixed>
CVE-2013-1679 (Use-after-free vulnerability in the ...)
+ {DSA-2699-1}
- iceweasel 17.0.6esr-1
- icedove <unfixed>
- iceape <unfixed>
CVE-2013-1678 (The _cairo_xlib_surface_add_glyph function in Mozilla Firefox before ...)
+ {DSA-2699-1}
- iceweasel 17.0.6esr-1
- icedove <unfixed>
- iceape <unfixed>
CVE-2013-1677 (The gfxSkipCharsIterator::SetOffsets function in Mozilla Firefox ...)
+ {DSA-2699-1}
- iceweasel 17.0.6esr-1
- icedove <unfixed>
- iceape <unfixed>
CVE-2013-1676 (The SelectionIterator::GetNextSegment function in Mozilla Firefox ...)
+ {DSA-2699-1}
- iceweasel 17.0.6esr-1
- icedove <unfixed>
- iceape <unfixed>
CVE-2013-1675 (Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, ...)
+ {DSA-2699-1}
- iceweasel 17.0.6esr-1
- icedove <unfixed>
- iceape <unfixed>
CVE-2013-1674 (Use-after-free vulnerability in Mozilla Firefox before 21.0, Firefox ...)
+ {DSA-2699-1}
- iceweasel 17.0.6esr-1
- icedove <unfixed>
- iceape <unfixed>
@@ -5132,6 +5147,7 @@
[wheezy] - iceweasel <not-affected> (Doesn't affect ESR 17 series)
NOTE: fixed in experimental in 21.0-1
CVE-2013-1670 (The Chrome Object Wrapper (COW) implementation in Mozilla Firefox ...)
+ {DSA-2699-1}
- iceweasel 17.0.6esr-1
- icedove <unfixed>
- iceape <unfixed>
@@ -6249,9 +6265,11 @@
NOT-FOR-US: Orchard
CVE-2012-0722
REJECTED
-CVE-2013-1247 (Cross-site scripting (XSS) vulnerability in the wireless configuration ...)
+CVE-2013-1247
+ RESERVED
NOT-FOR-US: Cisco
-CVE-2013-1246 (Cisco TelePresence System Software does not properly handle inactive ...)
+CVE-2013-1246
+ RESERVED
NOT-FOR-US: Cisco
CVE-2013-1245 (The user-management page in Cisco WebEx Social relies on client-side ...)
NOT-FOR-US: Cisco WebEx Social
@@ -7345,10 +7363,12 @@
CVE-2013-0802
RESERVED
CVE-2013-0801 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+ {DSA-2699-1}
- iceweasel 17.0.6esr-1
- icedove <unfixed>
- iceape <unfixed>
CVE-2013-0800 (Integer signedness error in the pixman_fill_sse2 function in ...)
+ {DSA-2699-1}
- iceweasel 17.0.5esr-1
- icedove 17.0.5-1
- iceape <unfixed>
@@ -7363,10 +7383,12 @@
CVE-2013-0797 (Untrusted search path vulnerability in the Mozilla Updater in Mozilla ...)
- iceweasel <not-affected> (Only affects Firefox on Windows)
CVE-2013-0796 (The WebGL subsystem in Mozilla Firefox before 20.0, Firefox ESR 17.x ...)
+ {DSA-2699-1}
- iceweasel 17.0.5esr-1
- icedove 17.0.5-1
- iceape <unfixed>
CVE-2013-0795 (The System Only Wrapper (SOW) implementation in Mozilla Firefox before ...)
+ {DSA-2699-1}
- icedove <unfixed>
- iceape <unfixed>
- iceweasel 17.0.5esr-1
@@ -7374,6 +7396,7 @@
- iceweasel 17.0.5esr-1 (low)
- iceape <unfixed> (low)
CVE-2013-0793 (Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, ...)
+ {DSA-2699-1}
- iceweasel 17.0.5esr-1
- icedove 17.0.5-1
- iceape <unfixed>
@@ -7390,10 +7413,12 @@
- icedove <not-affected> (Only affects Firefox 19)
- iceape <not-affected> (Only affects Firefox 19)
CVE-2013-0788 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+ {DSA-2699-1}
- iceweasel 17.0.5esr-1
- iceape <unfixed>
- icedove 17.0.5-1
CVE-2013-0787 (Use-after-free vulnerability in the nsEditor::IsPreformatted function ...)
+ {DSA-2699-1}
- iceweasel 17.0.5esr-1
- icedove 17.0.5-1
- iceape <unfixed>
@@ -7411,11 +7436,13 @@
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
CVE-2013-0783 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+ {DSA-2699-1}
- iceweasel 17.0.5esr-1 (bug #703071)
- icedove 17.0.5-1
- iceape <unfixed>
NOTE: Fixed in experimental in 19.0-1, update when enters unstable
CVE-2013-0782 (Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion ...)
+ {DSA-2699-1}
- iceweasel 17.0.5esr-1 (bug #703071)
- icedove 17.0.5-1
- iceape <unfixed>
@@ -7425,6 +7452,7 @@
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
CVE-2013-0780 (Use-after-free vulnerability in the ...)
+ {DSA-2699-1}
- iceweasel 17.0.5esr-1 (bug #703071)
- icedove 17.0.5-1
- iceape <unfixed>
@@ -7442,11 +7470,13 @@
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
CVE-2013-0776 (Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, ...)
+ {DSA-2699-1}
- iceweasel 17.0.5esr-1 (bug #703071)
- icedove 17.0.5-1
- iceape <unfixed>
NOTE: Fixed in experimental in 19.0-1, update when enters unstable
CVE-2013-0775 (Use-after-free vulnerability in the ...)
+ {DSA-2699-1}
- iceweasel 17.0.5esr-1 (bug #703071)
- icedove 17.0.5-1
- iceape <unfixed>
@@ -7456,6 +7486,7 @@
- iceweasel <not-affected> (Introduced in Firefox 15)
- icedove <not-affected> (Introduced in Firefox 15)
CVE-2013-0773 (The Chrome Object Wrapper (COW) and System Only Wrapper (SOW) ...)
+ {DSA-2699-1}
- iceweasel 17.0.5esr-1 (bug #703071)
- icedove 17.0.5-1
- iceape <unfixed>
@@ -25445,7 +25476,7 @@
CVE-2003-1598
RESERVED
CVE-2002-2443 (schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) ...)
- {DSA-2698-1}
+ {DSA-2701-1 DSA-2698-1}
- krb5 1.10.1+dfsg-6 (bug #708267)
NOTE: http://krbdev.mit.edu/rt/Ticket/Display.html?id=7637
NOTE: https://github.com/krb5/krb5/commit/cf1a0c411b2668c57c41e9c4efd15ba17b6b322c
More information about the Secure-testing-commits
mailing list