[Secure-testing-commits] r21613 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Thu Mar 14 12:05:51 UTC 2013 

Author: jmm
Date: 2013-03-14 12:05:51 +0000 (Thu, 14 Mar 2013)
New Revision: 21613

Modified:
   data/CVE/list
Log:
NFUs
rewrite puppet entry, <not-affected> is for packages, which were never affected in Debian,
   e.g. if a security issue only applies to Windows



Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-03-14 10:14:45 UTC (rev 21612)
+++ data/CVE/list	2013-03-14 12:05:51 UTC (rev 21613)
@@ -1,19 +1,19 @@
 CVE-2013-2558 (Unspecified vulnerability in Microsoft Windows 8 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Windows 8
 CVE-2013-2557 (The sandbox protection mechanism in Microsoft Internet Explorer 9 ...)
-	TODO: check
+	NOT-FOR-US: Internet Explorer
 CVE-2013-2556 (Unspecified vulnerability in Microsoft Windows 7 allows attackers to ...)
-	TODO: check
+	NOT-FOR-US: Windows 7
 CVE-2013-2555 (Adobe Flash Player 11.6.602.171 on Windows allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Adobe Flash plugin
 CVE-2013-2554 (Unspecified vulnerability in Microsoft Windows 7 allows attackers to ...)
-	TODO: check
+	NOT-FOR-US: Windows 7
 CVE-2013-2553 (Unspecified vulnerability in the kernel in Microsoft Windows 7 allows ...)
-	TODO: check
+	NOT-FOR-US: Windows 7
 CVE-2013-2552 (Unspecified vulnerability in Microsoft Internet Explorer 10 on Windows ...)
-	TODO: check
+	NOT-FOR-US: Internet Explorer
 CVE-2013-2551 (Unspecified vulnerability in Microsoft Internet Explorer 10 on Windows ...)
-	TODO: check
+	NOT-FOR-US: Internet Explorer
 CVE-2013-2550 (Unspecified vulnerability in Adobe Reader 11.0.02 allows attackers to ...)
 	NOT-FOR-US: Adobe Reader
 CVE-2013-2549 (Unspecified vulnerability in Adobe Reader 11.0.02 allows remote ...)
@@ -636,7 +636,8 @@
 CVE-2013-2274 [puppet remote code execution]
 	RESERVED
 	{DSA-2643-1}
-	- puppet <not-affected> (Only affects puppet 2.6.x)
+	- puppet 2.7-1
+	NOTE: Only affects puppet 2.6.x
 CVE-2013-2273 (bitcoind and Bitcoin-Qt before 0.4.9rc1, 0.5.x before 0.5.8rc1, 0.6.0 ...)
 	TODO: check
 CVE-2013-2272 (The penny-flooding protection mechanism in the CTxMemPool::accept ...)
@@ -1579,6 +1580,7 @@
 	NOTE: http://www.ruby-lang.org/en/news/2013/02/22/rexml-dos-2013-02-22/
 CVE-2013-1820
 	RESERVED
+	NOT-FOR-US: tuned (RH-specific powersaving tool)
 CVE-2013-1819 (The _xfs_buf_find function in fs/xfs/xfs_buf.c in the Linux kernel ...)
 	- linux <unfixed> (low)
 	- linux-2.6 <removed> (low)
@@ -2034,6 +2036,7 @@
 	RESERVED
 CVE-2013-1646
 	RESERVED
+	NOT-FOR-US: Open-Xchange
 CVE-2013-1645
 	RESERVED
 CVE-2013-1644
@@ -2724,6 +2727,7 @@
 	RESERVED
 CVE-2013-1376
 	RESERVED
+	NOT-FOR-US: Adobe Reader
 CVE-2013-1375 (Heap-based buffer overflow in Adobe Flash Player before 10.3.183.68 ...)
 	NOT-FOR-US: Adobe Flash Plugin
 CVE-2013-1374 (Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 ...)

More information about the Secure-testing-commits mailing list