[Secure-testing-commits] r21597 - data/CVE
Yves-Alexis Perez
corsac at alioth.debian.org
Tue Mar 12 21:02:08 UTC 2013
Author: corsac
Date: 2013-03-12 21:02:07 +0000 (Tue, 12 Mar 2013)
New Revision: 21597
Modified:
data/CVE/list
Log:
add puppet CVEs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-03-12 20:45:03 UTC (rev 21596)
+++ data/CVE/list 2013-03-12 21:02:07 UTC (rev 21597)
@@ -628,10 +628,12 @@
CVE-2013-2276 (The avcodec_decode_audio4 function in utils.c in libavcodec in FFmpeg ...)
- ffmpeg <not-affected> (Doesn't affect libav, specific to current ffmpeg)
- libav <not-affected> (Doesn't affect libav, specific to current ffmpeg)
-CVE-2013-2275
+CVE-2013-2275 [puppet incorrect default report ACL vulnerability]
RESERVED
-CVE-2013-2274
+ - puppet <unfixed>
+CVE-2013-2274 [puppet remote code execution]
RESERVED
+ - puppet <unfixed>
CVE-2013-2273
RESERVED
CVE-2013-2272
@@ -1985,14 +1987,18 @@
- limesurvey <itp> (bug #472802)
CVE-2013-1656 (Spree Commerce 1.0.x through 1.3.2 allow remote authenticated ...)
TODO: check
-CVE-2013-1655
+CVE-2013-1655 [puppet unauthenticated client remote code execution]
RESERVED
-CVE-2013-1654
+ - puppet <unfixed>
+CVE-2013-1654 [puppet SSL downgrade vulnerability]
RESERVED
-CVE-2013-1653
+ - puppet <unfixed>
+CVE-2013-1653 [puppet agent remote code execution]
RESERVED
-CVE-2013-1652
+ - puppet <unfixed>
+CVE-2013-1652 [puppet insufficient input validation vulnerability and unautorised data access]
RESERVED
+ - puppet <unfixed>
CVE-2013-1651
RESERVED
CVE-2013-1650
@@ -2017,7 +2023,8 @@
RESERVED
CVE-2013-1641
RESERVED
-CVE-2013-1640
+CVE-2013-1640 [puppet remote code execution]
+ - puppet <unfixed>
RESERVED
CVE-2013-1639 (Opera before 12.13 does not send CORS preflight requests in all ...)
NOT-FOR-US: Opera
More information about the Secure-testing-commits
mailing list