[Secure-testing-commits] r22119 - data/CVE
Thijs Kinkhorst
thijs at alioth.debian.org
Wed May 1 13:58:40 UTC 2013
Author: thijs
Date: 2013-05-01 13:58:40 +0000 (Wed, 01 May 2013)
New Revision: 22119
Modified:
data/CVE/list
Log:
boinc fixed in sid; squeeze does not ship vulnerable code in .deb
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-05-01 13:58:20 UTC (rev 22118)
+++ data/CVE/list 2013-05-01 13:58:40 UTC (rev 22119)
@@ -2844,12 +2844,16 @@
CVE-2013-2020
RESERVED
- clamav 0.97.8+dfsg-1
-CVE-2013-2019
+CVE-2013-2019 [stack overflow vulnerabilities in the XML parser]
RESERVED
- boinc 6.13.6+dfsg-1
NOTE: http://boinc.berkeley.edu/gitweb/?p=boinc-v2.git;a=commitdiff;h=9a4140ae30a72e5175f3f31646d91f2d58df7156
-CVE-2013-2018
+CVE-2013-2018 [SQL injections in the server-side scheduler code]
RESERVED
+ - boinc 7.0.65+dfsg-1 (low)
+ [squeeze] - boinc <not-affected> (Vulnerable code not present)
+ [wheezy] - boinc <no-dsa> (Minor issue)
+ NOTE: server-maker not shipped in squeeze
CVE-2013-2017 [linux: veth: double-free in case of congestion]
RESERVED
- linux 2.6.34-1
More information about the Secure-testing-commits
mailing list