[Secure-testing-commits] r21658 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Mon Mar 18 09:36:37 UTC 2013
Author: jmm
Date: 2013-03-18 09:36:37 +0000 (Mon, 18 Mar 2013)
New Revision: 21658
Modified:
data/CVE/list
Log:
new unimportant libcommons-fileupload-java issue
new kernel issue
one kernel issue doesn't affect Debian releases
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-03-17 15:19:55 UTC (rev 21657)
+++ data/CVE/list 2013-03-18 09:36:37 UTC (rev 21658)
@@ -1558,13 +1558,14 @@
TODO: Report to BTS
CVE-2013-1860
RESERVED
+ - linux <unfixed>
+ - linux-2.6 <removed>
CVE-2013-1859
RESERVED
CVE-2013-1858 [linux: CLONE_NEWUSER|CLONE_FS root exploit]
RESERVED
- - linux <unfixed>
- - linux-2.6 <removed>
- TODO: check
+ - linux <not-affected> (Only exploitable starting with 3.7)
+ - linux-2.6 <not-affected> (Only exploitable starting with 3.7)
NOTE: http://stealth.openwall.net/xSports/clown-newuser.c
CVE-2013-1857
RESERVED
@@ -5791,7 +5792,8 @@
[squeeze] - curl <not-affected> (Only affects 7.26.0 to 7.28.1)
[wheezy] - curl 7.26.0-1+wheezy1
CVE-2013-0248 (The default configuration of javax.servlet.context.tempdir in Apache ...)
- TODO: check
+ - libcommons-fileupload-java <unfixed> (unimportant)
+ NOTE: Only affects example code
CVE-2013-0247 (OpenStack Keystone Essex 2012.1.3 and earlier, Folsom 2012.2.3 and ...)
- keystone 2012.1.1-12 (bug #699835)
CVE-2013-0246 [Access bypass Image module - Drupal 7]
More information about the Secure-testing-commits
mailing list