[Secure-testing-commits] r21771 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Thu Mar 28 11:33:16 UTC 2013 

Author: jmm
Date: 2013-03-28 11:33:16 +0000 (Thu, 28 Mar 2013)
New Revision: 21771

Modified:
   data/CVE/list
Log:
new vague samba issue
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-03-28 09:33:06 UTC (rev 21770)
+++ data/CVE/list	2013-03-28 11:33:16 UTC (rev 21771)
@@ -2020,6 +2020,7 @@
 	NOTE: http://git.php.net/?p=web/php.git;a=commitdiff;h=e8432b34ee7a196a14a6e0191a00fe73b5a095e7
 CVE-2013-1823
 	RESERVED
+	NOT-FOR-US: Katello
 CVE-2013-1822
 	RESERVED
 	- owncloud <not-affected> (owncloud stable4 (4.0.x) is not affected) 
@@ -3640,9 +3641,9 @@
 CVE-2013-1163
 	RESERVED
 CVE-2013-1162 (The traffic engineering (TE) processing subsystem in Cisco IOS XR ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2013-1161 (The XML parser in the Cisco Jabber IM application for Android allows ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2013-1160
 	RESERVED
 CVE-2013-1159
@@ -5271,13 +5272,13 @@
 CVE-2013-0490 (Unspecified vulnerability in IBM InfoSphere Guardium S-TAP 8.1 for DB2 ...)
 	NOT-FOR-US: IBM InfoSphere Guardium
 CVE-2013-0489 (Cross-site request forgery (CSRF) vulnerability in webadmin.nsf (aka ...)
-	TODO: check
+	NOT-FOR-US: IBM Domino
 CVE-2013-0488 (Cross-site scripting (XSS) vulnerability in webadmin.nsf (aka the Web ...)
-	TODO: check
+	NOT-FOR-US: IBM Domino
 CVE-2013-0487 (The Java Console in IBM Domino 8.5.x allows remote authenticated users ...)
-	TODO: check
+	NOT-FOR-US: IBM Domino
 CVE-2013-0486 (Memory leak in the HTTP server in IBM Domino 8.5.x allows remote ...)
-	TODO: check
+	NOT-FOR-US: IBM Domino
 CVE-2013-0485
 	RESERVED
 CVE-2013-0484
@@ -5341,7 +5342,8 @@
 CVE-2013-0455
 	RESERVED
 CVE-2013-0454 (Samba before 3.6.6, as used on the IBM Storwize V7000 Unified 1.3 ...)
-	TODO: check
+	- samba <undetermined>
+	NOTE: Security impact should be clarified with upstream, might be specific to the IBM appliance
 CVE-2013-0453 (Cross-site scripting (XSS) vulnerability in Web Reports in IBM Tivoli ...)
 	NOT-FOR-US: IBM Tivoli Endpoint Manager
 CVE-2013-0452
@@ -8761,6 +8763,7 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2012/11/21/2
 CVE-2012-5575
 	RESERVED
+	NOT-FOR-US: Apache CXF
 CVE-2012-5574 (lib/form/sfForm.class.php in Symfony CMS before 1.4.20 allows remote ...)
 	NOT-FOR-US: Symfony
 CVE-2012-5573 (The connection_edge_process_relay_cell function in or/relay.c in Tor ...)

More information about the Secure-testing-commits mailing list