[Secure-testing-commits] r21770 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Thu Mar 28 09:33:06 UTC 2013
Author: jmm
Date: 2013-03-28 09:33:06 +0000 (Thu, 28 Mar 2013)
New Revision: 21770
Modified:
data/CVE/list
Log:
new roundcube issue
one asterisk issue doesn't affect stable/testing
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-03-28 05:29:07 UTC (rev 21769)
+++ data/CVE/list 2013-03-28 09:33:06 UTC (rev 21770)
@@ -1,3 +1,6 @@
+CVE-2013-XXXX [roundcube variable overwrite]
+ - roundcube 0.7.2-9
+ [squeeze] - roundcube <not-affected> (Vulnerable code not present)
CVE-2013-2710
RESERVED
CVE-2013-2709
@@ -52,9 +55,8 @@
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-20967
CVE-2013-2685 [Buffer Overflow Exploit Through SIP SDP Header]
RESERVED
- - asterisk <unfixed> (bug #704114)
+ - asterisk <not-affected> (H264 code not yet present)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-20901
- TODO: check, tracker states that only 1.11.x is affected
CVE-2013-2684
RESERVED
CVE-2013-2683
@@ -1049,7 +1051,7 @@
RESERVED
CVE-2013-2264 [Username disclosure in SIP channel driver]
RESERVED
- - asterisk <unfixed> (bug #704114)
+ - asterisk <unfixed> (low; bug #704114)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-21013
CVE-2013-2263 (Unspecified vulnerability in Citrix Access Gateway Standard Edition ...)
NOT-FOR-US: Citrix Access Gateway
More information about the Secure-testing-commits
mailing list