[Secure-testing-commits] r22277 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Thu May 16 08:13:14 UTC 2013 

Author: jmm
Date: 2013-05-16 08:13:14 +0000 (Thu, 16 May 2013)
New Revision: 22277

Modified:
   data/CVE/list
Log:
sync from kernel-sec


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-05-16 05:45:07 UTC (rev 22276)
+++ data/CVE/list	2013-05-16 08:13:14 UTC (rev 22277)
@@ -570,7 +570,7 @@
 	[wheezy] - linux <not-affected> (Introduced in 3.7)
 CVE-2013-3301 (The ftrace implementation in the Linux kernel before 3.8.8 allows ...)
 	- linux-2.6 <removed> (low)
-	- linux <unfixed> (low)
+	- linux 3.8.11-1 (low)
 	NOTE: https://git.kernel.org/linus/6a76f8c0ab19f215af2a3442870eeb5f0e81998d
 	NOTE: Not enabled in default kernels
 CVE-2013-3269 (Cross-site request forgery (CSRF) vulnerability in Cybozu Office ...)
@@ -3307,7 +3307,8 @@
 CVE-2013-2058 [linux: chipidea: allow disabling streaming in host mode]
 	RESERVED
 	- linux-2.6 <not-affected> (Vulnerable code not present)
-	- linux <unfixed>
+	- linux 3.8-1
+	[wheezy] - linux <not-affected> (Vulnerable code not present)
 	NOTE: http://www.openwall.com/lists/oss-security/2013/05/03/2
 CVE-2013-2057
 	RESERVED
@@ -3453,7 +3454,7 @@
 	TODO: check
 CVE-2013-2015 (The ext4_orphan_del function in fs/ext4/namei.c in the Linux kernel ...)
 	{DSA-2668-1}
-	- linux <unfixed> (low)
+	- linux 3.8-1 (low)
 	- linux-2.6 <removed> (low)
 CVE-2013-2014 [no limitation for requests and headers size which can cause a crash]
 	RESERVED
@@ -3604,14 +3605,15 @@
 	RESERVED
 	- tiff <unfixed> (bug #706675)
 CVE-2013-1959 (kernel/user_namespace.c in the Linux kernel before 3.8.9 does not have ...)
-	- linux <unfixed>
-	- linux-2.6 <not-affected>
+	- linux 3.8.11-1
+	[wheezy] - linux <not-affected> (Introduced in 3.7)
+	- linux-2.6 <not-affected> (Introduced in 3.7)
 CVE-2013-1958 (The scm_check_creds function in net/core/scm.c in the Linux kernel ...)
 	- linux <unfixed>
 CVE-2013-1957 (The clone_mnt function in fs/namespace.c in the Linux kernel before ...)
 	- linux <unfixed>
 CVE-2013-1956 (The create_user_ns function in kernel/user_namespace.c in the Linux ...)
-	- linux <unfixed>
+	- linux 3.8.11-1
 CVE-2013-1955
 	RESERVED
 	NOT-FOR-US: Easy PHP Calendar
@@ -3716,7 +3718,7 @@
 	- linux-2.6 <removed>
 CVE-2013-1928 (The do_video_set_spu_palette function in fs/compat_ioctl.c in the ...)
 	{DSA-2668-1}
-	- linux <unfixed>
+	- linux 3.2.35-1
 	- linux-2.6 <removed>
 CVE-2013-1927 (The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows ...)
 	- icedtea-web 1.3.2-1

More information about the Secure-testing-commits mailing list