[Secure-testing-commits] r21659 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Mon Mar 18 16:00:49 UTC 2013
Author: jmm
Date: 2013-03-18 16:00:48 +0000 (Mon, 18 Mar 2013)
New Revision: 21659
Modified:
data/CVE/list
Log:
firebird2.5 fixed
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-03-18 09:36:37 UTC (rev 21658)
+++ data/CVE/list 2013-03-18 16:00:48 UTC (rev 21659)
@@ -168,7 +168,7 @@
CVE-2013-2507
RESERVED
CVE-2013-2506 (app/models/spree/user.rb in spree_auth_devise in Spree 1.1.x before ...)
- TODO: check
+ NOT-FOR-US: Spree
CVE-2012-6535
RESERVED
CVE-2013-2505
@@ -204,7 +204,7 @@
CVE-2013-2492 [Request Processing Buffer Overflow Vulnerability]
RESERVED
{DSA-2648-1 DSA-2647-1}
- - firebird2.1 <unfixed> (bug #702735)
+ - firebird2.5 2.5.2~svn+54698.ds4-2 (bug #702735)
- firebird2.5 <unfixed> (bug #702736)
NOTE: http://tracker.firebirdsql.org/browse/CORE-4058
CVE-2013-2491
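Review bot: In the CVE-2013-2492 entry the fixed version appears to have been written over the firebird2.1 line rather than the firebird2.5 one. After this change the entry carries `- firebird2.5 2.5.2~svn+54698.ds4-2 (bug #702735)` directly above the untouched `- firebird2.5 <unfixed> (bug #702736)`, so firebird2.5 is listed as both fixed and unfixed, and firebird2.1 is no longer tracked at all. Suggest restoring the firebird2.1 line with bug #702735 and recording the fixed version on the firebird2.5 line that references bug #702736.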
@@ -1585,13 +1585,11 @@
CVE-2013-1851 [user_migrate: Local file disclosure]
RESERVED
- owncloud <unfixed> (bug #703094)
- TODO: check
NOTE: https://owncloud.org/about/security/advisories/oC-SA-2013-010/
NOTE: http://www.openwall.com/lists/oss-security/2013/03/14/8
CVE-2013-1850 [Contacts: Bypass of file blacklist]
RESERVED
- owncloud <unfixed> (bug #703094)
- TODO: check
NOTE: https://owncloud.org/about/security/advisories/oC-SA-2013-009/
NOTE: http://www.openwall.com/lists/oss-security/2013/03/14/8
CVE-2013-1849
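Review bot: The two `TODO: check` removals under CVE-2013-1851 and CVE-2013-1850 are not covered by the log message, which only mentions firebird2.5 and NFUs. Both entries still read `- owncloud <unfixed> (bug #703094)` afterwards; a line in the log saying the owncloud triage is complete would make it clear the removal was intentional.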
@@ -2110,7 +2108,7 @@
CVE-2011-5256 (Cross-site scripting (XSS) vulnerability in the tooltips in LimeSurvey ...)
- limesurvey <itp> (bug #472802)
CVE-2013-1656 (Spree Commerce 1.0.x through 1.3.2 allow remote authenticated ...)
- TODO: check
+ NOT-FOR-US: Spree
CVE-2013-1655 [puppet unauthenticated client remote code execution]
RESERVED
{DSA-2643-1}
@@ -3667,25 +3665,25 @@
CVE-2013-0977
RESERVED
CVE-2013-0976 (IOAcceleratorFamily in Apple Mac OS X before 10.8.3 allows remote ...)
- TODO: check
+ NOT-FOR-US: Mac OS X
CVE-2013-0975
RESERVED
CVE-2013-0974 (StoreKit in Apple iOS before 6.1 does not properly handle the ...)
NOT-FOR-US: Apple StoreKit
CVE-2013-0973 (Software Update in Apple Mac OS X through 10.7.5 does not prevent ...)
- TODO: check
+ NOT-FOR-US: Mac OS X
CVE-2013-0972
RESERVED
CVE-2013-0971 (Use-after-free vulnerability in PDFKit in Apple Mac OS X before 10.8.3 ...)
- TODO: check
+ NOT-FOR-US: Mac OS X
CVE-2013-0970 (Messages in Apple Mac OS X before 10.8.3 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Mac OS X
CVE-2013-0969 (Login Window in Apple Mac OS X before 10.8.3 does not prevent ...)
- TODO: check
+ NOT-FOR-US: Mac OS X
CVE-2013-0968 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ...)
- webkit <undetermined> (bug #700164)
CVE-2013-0967 (CoreTypes in Apple Mac OS X before 10.8.3 includes JNLP files in the ...)
- TODO: check
+ NOT-FOR-US: Mac OS X
CVE-2013-0966 (The Apple mod_hfs_apple module for the Apache HTTP Server in Apple Mac ...)
TODO: check
CVE-2013-0965
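Review bot: CVE-2013-0966 (mod_hfs_apple), at the end of this hunk, is still at `TODO: check` while every other Mac OS X entry around it was triaged. If it was skipped on purpose a NOTE saying why would help; otherwise it can be handled in the same pass. The new tags also use the generic `NOT-FOR-US: Mac OS X`, where the existing neighbour CVE-2013-0974 names the component (`NOT-FOR-US: Apple StoreKit`); worth settling on one convention.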
@@ -3697,9 +3695,9 @@
CVE-2013-0962 (Cross-site scripting (XSS) vulnerability in WebKit in Apple iOS before ...)
- webkit <undetermined> (bug #700164)
CVE-2013-0961 (WebKit in Apple Safari before 6.0.3 allows remote attackers to execute ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2013-0960 (WebKit in Apple Safari before 6.0.3 allows remote attackers to execute ...)
- TODO: check
+ NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2013-0959 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ...)
- webkit <undetermined> (bug #700164)
CVE-2013-0958 (WebKit, as used in Apple iOS before 6.1, allows remote attackers to ...)
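Review bot: CVE-2013-0961 and CVE-2013-0960 are tagged NOT-FOR-US, but the WebKit entries directly around them (CVE-2013-0962, CVE-2013-0959) are tracked as `- webkit <undetermined> (bug #700164)`, so the same component ends up with two different states in one block. Suggest tracking these two the same way as their neighbours, and moving the Chromium remark out of the NOT-FOR-US tag into a separate NOTE: line so the tag stays a plain product name.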
@@ -8516,7 +8514,7 @@
[squeeze] - pcp <no-dsa> (Minor issue)
CVE-2012-5529 (TraceManager in Firebird 2.5.0 and 2.5.1, when trace is enabled, ...)
{DSA-2648-1}
- - firebird2.5 <unfixed> (low; bug #693210)
+ - firebird2.5 2.5.2~svn+54698.ds4-2 (low; bug #693210)
- firebird2.1 <not-affected> (Only affects 2.5.x)
CVE-2012-5528
RESERVED