[Secure-testing-commits] r22418 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Thu May 30 21:04:04 UTC 2013 

Author: jmm
Date: 2013-05-30 21:04:04 +0000 (Thu, 30 May 2013)
New Revision: 22418

Modified:
   data/CVE/list
Log:
quagga unimportant/non-reproducible
chicken no-dsa / not-affected
python-pip, python-virtualenv, zope, libdancer-perl: no-dsa



Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-05-30 19:45:50 UTC (rev 22417)
+++ data/CVE/list	2013-05-30 21:04:04 UTC (rev 22418)
@@ -3712,9 +3712,7 @@
 	RESERVED
 CVE-2013-2075
 	RESERVED
-	- chicken <unfixed> (bug #702410)
-	NOTE: CVE assigned due to incomplete fix for CVE-2012-6122
-	TODO: check if whe have the incomplete fix already applied
+	- chicken <not-affected> (Incomplete fix was never applied)
 CVE-2013-2074 [prints passwords contained in HTTP URLs in error messages]
 	RESERVED
 	- kde4libs <unfixed> (low; bug #707776)
@@ -3895,6 +3893,8 @@
 CVE-2013-2024 [OS command injection vulnerability in Chicken Scheme]
 	RESERVED
 	- chicken <unfixed> (bug #706525)
+	[wheezy] - chicken <no-dsa> (Minor issue)
+	[squeeze] - chicken <no-dsa> (Minor issue)
 	NOTE: http://lists.nongnu.org/archive/html/chicken-announce/2013-04/msg00000.html
 CVE-2013-2023
 	RESERVED
@@ -5149,8 +5149,12 @@
 	RESERVED
 CVE-2013-1629
 	RESERVED
-	- python-pip <unfixed> (medium; bug #710163)
+	- python-pip <unfixed> (low; bug #710163)
+	[wheezy] - python-pip <no-dsa> (Minor issue)
+	[squeeze] - python-pip <no-dsa> (Minor issue)
 	- python-virtualenv 1.9.1-1 (medium; bug #710164)
+	[wheezy] - python-virtualenv <no-dsa> (Minor issue)
+	[squeeze] - python-virtualenv <no-dsa> (Minor issue)
 CVE-2013-1628
 	RESERVED
 CVE-2013-1627 (Absolute path traversal vulnerability in NTWebServer.exe in Indusoft ...)
@@ -11595,6 +11599,7 @@
 CVE-2012-5572 [Dancer::Cookie: Cookie name CRLF injection]
 	RESERVED
 	- libdancer-perl <unfixed> (low; bug #694279)
+	[wheezy] - libdancer-perl <no-dsa> (Minor issue)
 	NOTE: https://github.com/PerlDancer/Dancer/issues/859
 CVE-2012-5571 (OpenStack Keystone Essex (2012.1) and Folsom (2012.2) does not ...)
 	- keystone 2012.1.1-11 (bug #694433)
@@ -11728,7 +11733,8 @@
 	NOTE: http://www.mantisbt.org/bugs/view.php?id=14496
 CVE-2012-5521
 	RESERVED
-	- quagga <unfixed> (bug #693102)
+	- quagga <unfixed> (unimportant; bug #693102)
+	NOTE: Not reproducible so far
 CVE-2012-5520 (The send_to_sourcefire function in manage_sql.c in OpenVAS Manager 3.x ...)
 	NOT-FOR-US: OpenVAS Manager
 CVE-2012-5519 (CUPS 1.4.4, when running in certain Linux distributions such as Debian ...)
@@ -11827,6 +11833,7 @@
 CVE-2012-5489 [ Zope/Plone: Partial restricted Python sandbox escape ]
 	RESERVED
 	- zope2.12 <unfixed> (bug #692899)
+	[wheezy] - zope2.12 <no-dsa> (Minor issue)
 	NOTE: https://plone.org/products/plone/security/advisories/20121106/05
 CVE-2012-5488 [ Zope/Plone: Restricted Python injection ]
 	RESERVED

More information about the Secure-testing-commits mailing list