[Secure-testing-commits] r22214 - data/CVE
Luciano Bello
luciano at alioth.debian.org
Thu May 9 16:48:25 UTC 2013
Author: luciano
Date: 2013-05-09 16:48:25 +0000 (Thu, 09 May 2013)
New Revision: 22214
Modified:
data/CVE/list
Log:
openstack issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-05-09 16:36:32 UTC (rev 22213)
+++ data/CVE/list 2013-05-09 16:48:25 UTC (rev 22214)
@@ -3178,8 +3178,10 @@
NOT-FOR-US: OpenShift
CVE-2013-2059 [Keystone: Deleted user can still create instances]
RESERVED
- - keystone <unfixed>
+ - keystone <unfixed> (bug #707598)
[wheezy] - keystone <no-dsa> (Minor issue)
+ [squeeze] - keystone <no-dsa> (Minor issue)
+ NOTE: http://lists.openstack.org/pipermail/openstack-announce/2013-May/000099.html
CVE-2013-2058 [linux: chipidea: allow disabling streaming in host mode]
RESERVED
- linux-2.6 <not-affected> (Vulnerable code not present)
@@ -3253,8 +3255,12 @@
RESERVED
- mediawiki <unfixed> (bug #706601)
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=47304
-CVE-2013-2030
+CVE-2013-2030 [Nova uses insecure keystone middleware tmpdir by default]
RESERVED
+ - nova <unfixed> (bug #707600)
+ [wheezy] - nova <no-dsa> (Minor issue)
+ [squeeze] - nova <no-dsa> (Minor issue)
+ NOTE: http://lists.openstack.org/pipermail/openstack-announce/2013-May/000098.html
CVE-2013-2029
RESERVED
- nagios <not-affected> (Affected file nagios.upgrade_to_v3.sh not in Debian)
More information about the Secure-testing-commits
mailing list