[Secure-testing-commits] r22212 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Thu May 9 16:00:34 UTC 2013
Author: jmm
Date: 2013-05-09 16:00:34 +0000 (Thu, 09 May 2013)
New Revision: 22212
Modified:
data/CVE/list
Log:
update some negligable linux fs issues, which won't be backported
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-05-09 15:43:01 UTC (rev 22211)
+++ data/CVE/list 2013-05-09 16:00:34 UTC (rev 22212)
@@ -3948,6 +3948,8 @@
CVE-2013-1819 (The _xfs_buf_find function in fs/xfs/xfs_buf.c in the Linux kernel ...)
- linux 3.8-1
- linux-2.6 <removed> (low)
+ [squeeze] - linux-2.6 <no-dsa> (Too risky to backport, minor impact)
+ [wheezy] - linux <no-dsa> (Too risky to backport, minor impact)
CVE-2013-1818 [mediawiki mwdoc-filter.php information disclosure]
RESERVED
- mediawiki <not-affected> (mwdoc-filter.php introduced in 1.20)
@@ -11192,13 +11194,13 @@
CVE-2012-5376 (The Inter-process Communication (IPC) implementation in Google Chrome ...)
- chromium-browser 22.0.1229.94~r161065-1
CVE-2012-5375 (The CRC32C feature in the Btrfs implementation in the Linux kernel ...)
- - linux <unfixed> (low)
+ - linux 3.8-1 (unimportant)
- linux-2.6 <unfixed> (unimportant)
- NOTE: btrfs support in Squeeze is just a tech preview
+ NOTE: btrfs support in Squeeze/Wheezy is not ready for production use
CVE-2012-5374 (The CRC32C feature in the Btrfs implementation in the Linux kernel ...)
- - linux <unfixed> (low)
+ - linux 3.8-1 (unimportant)
- linux-2.6 <unfixed> (unimportant)
- NOTE: btrfs support in Squeeze is just a tech preview
+ NOTE: btrfs support in Squeeze/Wheezy is not ready for production use
CVE-2012-5373 (Oracle Java SE 7 and earlier, and OpenJDK 7 and earlier, computes hash ...)
- openjdk-6 <unfixed>
- openjdk-7 <unfixed>
More information about the Secure-testing-commits
mailing list