[Secure-testing-commits] r21659 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Mon Mar 18 16:00:49 UTC 2013 

Author: jmm
Date: 2013-03-18 16:00:48 +0000 (Mon, 18 Mar 2013)
New Revision: 21659

Modified:
   data/CVE/list
Log:
firebird2.5 fixed
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-03-18 09:36:37 UTC (rev 21658)
+++ data/CVE/list	2013-03-18 16:00:48 UTC (rev 21659)
@@ -168,7 +168,7 @@
 CVE-2013-2507
 	RESERVED
 CVE-2013-2506 (app/models/spree/user.rb in spree_auth_devise in Spree 1.1.x before ...)
-	TODO: check
+	NOT-FOR-US: Spree 
 CVE-2012-6535
 	RESERVED
 CVE-2013-2505
@@ -204,7 +204,7 @@
 CVE-2013-2492 [Request Processing Buffer Overflow Vulnerability]
 	RESERVED
 	{DSA-2648-1 DSA-2647-1}
-	- firebird2.1 <unfixed> (bug #702735)
+	- firebird2.5 2.5.2~svn+54698.ds4-2 (bug #702735)
 	- firebird2.5 <unfixed> (bug #702736)
 	NOTE: http://tracker.firebirdsql.org/browse/CORE-4058
 CVE-2013-2491
@@ -1585,13 +1585,11 @@
 CVE-2013-1851 [user_migrate: Local file disclosure]
 	RESERVED
 	- owncloud <unfixed> (bug #703094)
-	TODO: check
 	NOTE: https://owncloud.org/about/security/advisories/oC-SA-2013-010/
 	NOTE: http://www.openwall.com/lists/oss-security/2013/03/14/8
 CVE-2013-1850 [Contacts: Bypass of file blacklist]
 	RESERVED
 	- owncloud <unfixed> (bug #703094)
-	TODO: check
 	NOTE: https://owncloud.org/about/security/advisories/oC-SA-2013-009/
 	NOTE: http://www.openwall.com/lists/oss-security/2013/03/14/8
 CVE-2013-1849
@@ -2110,7 +2108,7 @@
 CVE-2011-5256 (Cross-site scripting (XSS) vulnerability in the tooltips in LimeSurvey ...)
 	- limesurvey <itp> (bug #472802)
 CVE-2013-1656 (Spree Commerce 1.0.x through 1.3.2 allow remote authenticated ...)
-	TODO: check
+	NOT-FOR-US: Spree 
 CVE-2013-1655 [puppet unauthenticated client remote code execution]
 	RESERVED
 	{DSA-2643-1}
@@ -3667,25 +3665,25 @@
 CVE-2013-0977
 	RESERVED
 CVE-2013-0976 (IOAcceleratorFamily in Apple Mac OS X before 10.8.3 allows remote ...)
-	TODO: check
+	NOT-FOR-US: Mac OS X
 CVE-2013-0975
 	RESERVED
 CVE-2013-0974 (StoreKit in Apple iOS before 6.1 does not properly handle the ...)
 	NOT-FOR-US: Apple StoreKit
 CVE-2013-0973 (Software Update in Apple Mac OS X through 10.7.5 does not prevent ...)
-	TODO: check
+	NOT-FOR-US: Mac OS X
 CVE-2013-0972
 	RESERVED
 CVE-2013-0971 (Use-after-free vulnerability in PDFKit in Apple Mac OS X before 10.8.3 ...)
-	TODO: check
+	NOT-FOR-US: Mac OS X
 CVE-2013-0970 (Messages in Apple Mac OS X before 10.8.3 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Mac OS X
 CVE-2013-0969 (Login Window in Apple Mac OS X before 10.8.3 does not prevent ...)
-	TODO: check
+	NOT-FOR-US: Mac OS X
 CVE-2013-0968 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ...)
 	- webkit <undetermined> (bug #700164)
 CVE-2013-0967 (CoreTypes in Apple Mac OS X before 10.8.3 includes JNLP files in the ...)
-	TODO: check
+	NOT-FOR-US: Mac OS X
 CVE-2013-0966 (The Apple mod_hfs_apple module for the Apache HTTP Server in Apple Mac ...)
 	TODO: check
 CVE-2013-0965
@@ -3697,9 +3695,9 @@
 CVE-2013-0962 (Cross-site scripting (XSS) vulnerability in WebKit in Apple iOS before ...)
 	- webkit <undetermined> (bug #700164)
 CVE-2013-0961 (WebKit in Apple Safari before 6.0.3 allows remote attackers to execute ...)
-	TODO: check
+	NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2013-0960 (WebKit in Apple Safari before 6.0.3 allows remote attackers to execute ...)
-	TODO: check
+	NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
 CVE-2013-0959 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ...)
 	- webkit <undetermined> (bug #700164)
 CVE-2013-0958 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ...)
@@ -8516,7 +8514,7 @@
 	[squeeze] - pcp <no-dsa> (Minor issue)
 CVE-2012-5529 (TraceManager in Firebird 2.5.0 and 2.5.1, when trace is enabled, ...)
 	{DSA-2648-1}
-	- firebird2.5 <unfixed> (low; bug #693210)
+	- firebird2.5 2.5.2~svn+54698.ds4-2 (low; bug #693210)
 	- firebird2.1 <not-affected> (Only affects 2.5.x)
 CVE-2012-5528
 	RESERVED

More information about the Secure-testing-commits mailing list