[Secure-testing-commits] r22350 - data/CVE

[Moritz Muehlenhoff]

Author: jmm
Date: 2013-05-24 08:34:48 +0000 (Fri, 24 May 2013)
New Revision: 22350

Modified:
   data/CVE/list
Log:
wireshark fixed
one wireshark issue not in squeeze
mediawiki no-dsa
Red Hat NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-05-24 07:38:17 UTC (rev 22349)
+++ data/CVE/list	2013-05-24 08:34:48 UTC (rev 22350)
@@ -194,34 +194,34 @@
 	RESERVED
 CVE-2013-3562 [wireshark: Websocket dissector crash]
 	RESERVED
-	- wireshark <unfixed> (bug #709167)
-	TODO: check
+	- wireshark 1.8.7-1 (bug #709167)
+	[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8499
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2013-29.html
 CVE-2013-3561 [wireshark: Websocket dissector crash]
 	RESERVED
-	- wireshark <unfixed> (bug #709167)
+	- wireshark 1.8.7-1 (bug #709167)
 	[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8448
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2013-29.html
 CVE-2013-3560 [wireshark: MPEG DSM-CC dissector crash]
 	RESERVED
-	- wireshark <unfixed> (bug #709167)
+	- wireshark 1.8.7-1 (bug #709167)
 	[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2013-28.html
 CVE-2013-3559 [wireshark: DCP ETSI dissector crash]
 	RESERVED
-	- wireshark <unfixed> (bug #709167)
+	- wireshark 1.8.7-1 (bug #709167)
 	[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2013-27.html
 CVE-2013-3558 [wireshark: PPP CCP dissector crash]
 	RESERVED
-	- wireshark <unfixed> (bug #709167)
+	- wireshark 1.8.7-1 (bug #709167)
 	[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2013-26.html
 CVE-2013-3557 [wireshark: ASN.1 BER dissector crash]
 	RESERVED
-	- wireshark <unfixed> (bug #709167)
+	- wireshark 1.8.7-1 (bug #709167)
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2013-25.html
 CVE-2013-3556 [wireshark: ASN.1 BER dissector crash]
 	RESERVED
@@ -229,7 +229,7 @@
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2013-25.html (r48943)
 CVE-2013-3555 [wireshark: GTPv2 dissector crash]
 	RESERVED
-	- wireshark <unfixed> (bug #709167)
+	- wireshark 1.8.7-1 (bug #709167)
 	[squeeze] - wireshark <not-affected> (Only affects 1.8.x)
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2013-24.html
 CVE-2013-3554
@@ -3439,6 +3439,7 @@
 	RESERVED
 	- mediawiki 1:1.19.7+dfsg-1
 	[squeeze] - mediawiki <not-affected> (Vulnerable code not present)
+	[wheezy] - mediawiki <no-dsa> (Minor issue)
 CVE-2013-2113
 	RESERVED
 CVE-2013-2112
@@ -3644,6 +3645,7 @@
 	NOT-FOR-US: YaBB
 CVE-2013-2056
 	RESERVED
+	NOT-FOR-US: RHN Satellite
 CVE-2013-2055
 	RESERVED
 CVE-2013-2054
@@ -4207,8 +4209,10 @@
 	- drupal7 <not-affected> (views module not packaged)
 CVE-2013-1886
 	RESERVED
+	NOT-FOR-US: Red Hat Certificate System
 CVE-2013-1885
 	RESERVED
+	NOT-FOR-US: Red Hat Certificate System
 CVE-2013-1884 (The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through ...)
 	- subversion 1.7.9-1 (bug #704940)
 	[wheezy] - subversion <not-affected> (Subversion HTTPD servers 1.7.0 through 1.7.8 (inclusive))
@@ -14005,6 +14009,7 @@
 	- glance 2012.1.1-2 (bug #692641)
 CVE-2012-4572
 	RESERVED
+	- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
 CVE-2012-4571 (Python Keyring 0.9.1 does not securely initialize the cipher when ...)
 	- python-keyring 0.9.2-1 (bug #675379)
 	[wheezy] - python-keyring 0.7.1-1+deb7u1