[Secure-testing-commits] r22281 - data/CVE

Joey Hess joeyh at alioth.debian.org
Thu May 16 09:14:27 UTC 2013 

Author: joeyh
Date: 2013-05-16 09:14:26 +0000 (Thu, 16 May 2013)
New Revision: 22281

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-05-16 08:59:48 UTC (rev 22280)
+++ data/CVE/list	2013-05-16 09:14:26 UTC (rev 22281)
@@ -575,6 +575,7 @@
 	- linux <unfixed>
 	[wheezy] - linux <not-affected> (Introduced in 3.7)
 CVE-2013-3301 (The ftrace implementation in the Linux kernel before 3.8.8 allows ...)
+	{DSA-2669-1}
 	- linux-2.6 <removed> (low)
 	- linux 3.8.11-1 (low)
 	NOTE: https://git.kernel.org/linus/6a76f8c0ab19f215af2a3442870eeb5f0e81998d
@@ -659,11 +660,11 @@
 	- linux-2.6 <not-affected> (VM Sockets only introduced in 3.9-rc1)
 	- linux <not-affected> (VM Sockets introduced in 3.9-rc1)
 CVE-2013-3235 (net/tipc/socket.c in the Linux kernel before 3.9-rc7 does not ...)
-	{DSA-2668-1}
+	{DSA-2669-1 DSA-2668-1}
 	- linux-2.6 <removed> (low)
 	- linux 3.8.11-1 (low)
 CVE-2013-3234 (The rose_recvmsg function in net/rose/af_rose.c in the Linux kernel ...)
-	{DSA-2668-1}
+	{DSA-2669-1 DSA-2668-1}
 	- linux-2.6 <unfixed> (low)
 	- linux 3.8.11-1 (low)
 CVE-2013-3233 (The llcp_sock_recvmsg function in net/nfc/llcp/sock.c in the Linux ...)
@@ -673,21 +674,22 @@
 	- linux-2.6 <not-affected> (Introduced and fixed during 3.9 cycle)
 	- linux <not-affected> (Introduced and fixed during 3.9 cycle)
 CVE-2013-3231 (The llc_ui_recvmsg function in net/llc/af_llc.c in the Linux kernel ...)
-	{DSA-2668-1}
+	{DSA-2669-1 DSA-2668-1}
 	- linux-2.6 <removed> (low)
 	- linux 3.8.11-1 (low)
 CVE-2013-3230 (The l2tp_ip6_recvmsg function in net/l2tp/l2tp_ip6.c in the Linux ...)
 	- linux-2.6 <not-affected> (net/l2tp/l2tp_ip6.c not present)
 	- linux <not-affected> (net/l2tp/l2tp_ip6.c introduced in 3.5)
 CVE-2013-3229 (The iucv_sock_recvmsg function in net/iucv/af_iucv.c in the Linux ...)
-	{DSA-2668-1}
+	{DSA-2669-1 DSA-2668-1}
 	- linux-2.6 <removed> (low)
 	- linux 3.8.11-1 (low)
 CVE-2013-3228 (The irda_recvmsg_dgram function in net/irda/af_irda.c in the Linux ...)
-	{DSA-2668-1}
+	{DSA-2669-1 DSA-2668-1}
 	- linux-2.6 <removed> (low)
 	- linux 3.8.11-1 (low)
 CVE-2013-3227 (The caif_seqpkt_recvmsg function in net/caif/caif_socket.c in the ...)
+	{DSA-2669-1}
 	- linux-2.6 <not-affected> (net/caif/caif_socket.c introduced in v2.6.35)
 	- linux 3.8.11-1 (low)
 CVE-2013-3226 (The sco_sock_recvmsg function in net/bluetooth/sco.c in the Linux ...)
@@ -695,19 +697,19 @@
 	- linux <not-affected> (Vulnerable code not yet present)
 	NOTE: sco_sock_recvmsg only introduced with v3.8, bt_sock_recvmsg has its own CVE ID
 CVE-2013-3225 (The rfcomm_sock_recvmsg function in net/bluetooth/rfcomm/sock.c in the ...)
-	{DSA-2668-1}
+	{DSA-2669-1 DSA-2668-1}
 	- linux-2.6 <removed> (low)
 	- linux 3.8.11-1 (low)
 CVE-2013-3224 (The bt_sock_recvmsg function in net/bluetooth/af_bluetooth.c in the ...)
-	{DSA-2668-1}
+	{DSA-2669-1 DSA-2668-1}
 	- linux-2.6 <removed> (low)
 	- linux 3.8.11-1 (low)
 CVE-2013-3223 (The ax25_recvmsg function in net/ax25/af_ax25.c in the Linux kernel ...)
-	{DSA-2668-1}
+	{DSA-2669-1 DSA-2668-1}
 	- linux-2.6 <removed> (low)
 	- linux 3.8.11-1 (low)
 CVE-2013-3222 (The vcc_recvmsg function in net/atm/common.c in the Linux kernel ...)
-	{DSA-2668-1}
+	{DSA-2669-1 DSA-2668-1}
 	- linux-2.6 <removed> (low)
 	- linux 3.8.11-1 (low)
 CVE-2013-3221 (The Active Record component in Ruby on Rails 2.3.x, 3.0.x, 3.1.x, and ...)
@@ -1007,6 +1009,7 @@
 CVE-2013-3077
 	RESERVED
 CVE-2013-3076 (The crypto API in the Linux kernel through 3.9-rc8 does not initialize ...)
+	{DSA-2669-1}
 	- linux 3.8.11-1 (low)
 	- linux-2.6 <not-affected> (Vulnerable code not present)
 CVE-2013-3075 (Multiple buffer overflows in ActUWzd.dll 1.0.0.1 in Mitsubishi MX ...)
@@ -3230,6 +3233,7 @@
 CVE-2013-2095
 	RESERVED
 CVE-2013-2094 (The perf_swevent_init function in kernel/events/core.c in the Linux ...)
+	{DSA-2669-1}
 	- linux 3.8.11-1
 	[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
 CVE-2013-2093
@@ -3478,7 +3482,7 @@
 	NOTE: Only pratically affects virtio-rng according to oss-reference (and if mmap_min_addr = 0)
 	TODO: check
 CVE-2013-2015 (The ext4_orphan_del function in fs/ext4/namei.c in the Linux kernel ...)
-	{DSA-2668-1}
+	{DSA-2669-1 DSA-2668-1}
 	- linux 3.8-1 (low)
 	- linux-2.6 <removed> (low)
 CVE-2013-2014 [no limitation for requests and headers size which can cause a crash]
@@ -3573,6 +3577,7 @@
 	[wheezy] - xmp <no-dsa> (Minor issue)
 	[squeeze] - xmp <no-dsa> (Minor issue)
 CVE-2013-1979 (The scm_set_cred function in include/net/scm.h in the Linux kernel ...)
+	{DSA-2669-1}
 	- linux 3.8.11-1
 	- linux-2.6 <not-affected> (Introduced in 2.6.36)
 CVE-2013-1978
@@ -3738,7 +3743,7 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2013/04/04/8
 CVE-2013-1929 [tg3 VPD firmware -> driver injection]
 	RESERVED
-	{DSA-2668-1}
+	{DSA-2669-1 DSA-2668-1}
 	- linux 3.8.11-1
 	- linux-2.6 <removed>
 CVE-2013-1928 (The do_video_set_spu_palette function in fs/compat_ioctl.c in the ...)
@@ -4185,7 +4190,7 @@
 	- linux-2.6 <removed>
 	NOTE: http://www.openwall.com/lists/oss-security/2013/03/20/9
 CVE-2013-1796 (The kvm_set_msr_common function in arch/x86/kvm/x86.c in the Linux ...)
-	{DSA-2668-1}
+	{DSA-2669-1 DSA-2668-1}
 	- linux 3.2.41-2
 	- linux-2.6 <removed>
 	NOTE: http://www.openwall.com/lists/oss-security/2013/03/20/9
@@ -8594,6 +8599,7 @@
 	RESERVED
 	NOT-FOR-US: Havalite CMS
 CVE-2013-0160 (The Linux kernel through 3.7.9 allows local users to obtain sensitive ...)
+	{DSA-2669-1}
 	- linux <unfixed> (unimportant)
 	- linux-2.6 <removed> (unimportant)
 	NOTE: Minor information leak, rather a missing hardening feature than a security vulnerability.

More information about the Secure-testing-commits mailing list