[Secure-testing-commits] r24249 - data/CVE

Joey Hess joeyh at alioth.debian.org
Fri Nov 1 21:14:28 UTC 2013 

Author: joeyh
Date: 2013-11-01 21:14:28 +0000 (Fri, 01 Nov 2013)
New Revision: 24249

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-11-01 18:20:57 UTC (rev 24248)
+++ data/CVE/list	2013-11-01 21:14:28 UTC (rev 24249)
@@ -1,3 +1,105 @@
+CVE-2013-6340
+	RESERVED
+CVE-2013-6339
+	RESERVED
+CVE-2013-6338
+	RESERVED
+CVE-2013-6337
+	RESERVED
+CVE-2013-6336
+	RESERVED
+CVE-2013-6335
+	RESERVED
+CVE-2013-6334
+	RESERVED
+CVE-2013-6333
+	RESERVED
+CVE-2013-6332
+	RESERVED
+CVE-2013-6331
+	RESERVED
+CVE-2013-6330
+	RESERVED
+CVE-2013-6329
+	RESERVED
+CVE-2013-6328
+	RESERVED
+CVE-2013-6327
+	RESERVED
+CVE-2013-6326
+	RESERVED
+CVE-2013-6325
+	RESERVED
+CVE-2013-6324
+	RESERVED
+CVE-2013-6323
+	RESERVED
+CVE-2013-6322
+	RESERVED
+CVE-2013-6321
+	RESERVED
+CVE-2013-6320
+	RESERVED
+CVE-2013-6319
+	RESERVED
+CVE-2013-6318
+	RESERVED
+CVE-2013-6317
+	RESERVED
+CVE-2013-6316
+	RESERVED
+CVE-2013-6315
+	RESERVED
+CVE-2013-6314
+	RESERVED
+CVE-2013-6313
+	RESERVED
+CVE-2013-6312
+	RESERVED
+CVE-2013-6311
+	RESERVED
+CVE-2013-6310
+	RESERVED
+CVE-2013-6309
+	RESERVED
+CVE-2013-6308
+	RESERVED
+CVE-2013-6307
+	RESERVED
+CVE-2013-6306
+	RESERVED
+CVE-2013-6305
+	RESERVED
+CVE-2013-6304
+	RESERVED
+CVE-2013-6303
+	RESERVED
+CVE-2013-6302
+	RESERVED
+CVE-2013-6301
+	RESERVED
+CVE-2013-6300
+	RESERVED
+CVE-2013-6299
+	RESERVED
+CVE-2013-6298
+	RESERVED
+CVE-2013-6297
+	RESERVED
+CVE-2013-6296
+	RESERVED
+CVE-2013-6295
+	RESERVED
+CVE-2013-6294
+	RESERVED
+CVE-2013-6293
+	RESERVED
+CVE-2013-6292
+	RESERVED
+CVE-2013-6291
+	RESERVED
+CVE-2013-6290
+	RESERVED
 CVE-2013-6287
 	RESERVED
 CVE-2013-6286
@@ -1559,71 +1661,61 @@
 	RESERVED
 CVE-2013-5605
 	RESERVED
-CVE-2013-5604
-	RESERVED
+CVE-2013-5604 (The txXPathNodeUtils::getBaseURI function in the XSLT processor in ...)
 	{DSA-2788-1}
 	- iceweasel <unfixed>
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <unfixed>
 	- iceape <unfixed>
-CVE-2013-5603
-	RESERVED
+CVE-2013-5603 (Use-after-free vulnerability in the ...)
 	- iceweasel <unfixed>
 	[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <not-affected> (Only affects Firefox > 17)
 	- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-5602
-	RESERVED
+CVE-2013-5602 (The Worker::SetEventListener function in the Web workers ...)
 	{DSA-2788-1}
 	- iceweasel <unfixed>
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <unfixed>
 	- iceape <unfixed>
-CVE-2013-5601
-	RESERVED
+CVE-2013-5601 (Use-after-free vulnerability in the ...)
 	{DSA-2788-1}
 	- iceweasel <unfixed>
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <unfixed>
 	- iceape <unfixed>
-CVE-2013-5600
-	RESERVED
+CVE-2013-5600 (Use-after-free vulnerability in the ...)
 	{DSA-2788-1}
 	- iceweasel <unfixed>
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <unfixed>
 	- iceape <unfixed>
-CVE-2013-5599
-	RESERVED
+CVE-2013-5599 (Use-after-free vulnerability in the nsIPresShell::GetPresContext ...)
 	{DSA-2788-1}
 	- iceweasel <unfixed>
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <unfixed>
 	- iceape <unfixed>
-CVE-2013-5598
-	RESERVED
+CVE-2013-5598 (PDF.js in Mozilla Firefox before 25.0 and Firefox ESR 24.x before 24.1 ...)
 	- iceweasel <unfixed>
 	[wheezy] - iceweasel <not-affected> (Only affects Firefox >=24)
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <not-affected> (Only affects Firefox >=24)
 	- iceape <not-affected> (Only affects Firefox >=24)
-CVE-2013-5597
-	RESERVED
+CVE-2013-5597 (Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad ...)
 	{DSA-2788-1}
 	- iceweasel <unfixed>
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <unfixed>
 	- iceape <unfixed>
-CVE-2013-5596
-	RESERVED
+CVE-2013-5596 (The cycle collection (CC) implementation in Mozilla Firefox before ...)
 	- iceweasel <unfixed>
 	[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <not-affected> (Only affects Firefox > 17)
 	- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-5595
-	RESERVED
+CVE-2013-5595 (The JavaScript engine in Mozilla Firefox before 25.0, Firefox ESR 17.x ...)
 	{DSA-2788-1}
 	- iceweasel <unfixed>
 	[squeeze] - iceweasel <end-of-life>
@@ -1631,29 +1723,25 @@
 	- iceape <unfixed>
 CVE-2013-5594
 	RESERVED
-CVE-2013-5593
-	RESERVED
+CVE-2013-5593 (The SELECT element implementation in Mozilla Firefox before 25.0, ...)
 	- iceweasel <unfixed>
 	[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <not-affected> (Only affects Firefox > 17)
 	- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-5592
-	RESERVED
+CVE-2013-5592 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
 	- iceweasel <unfixed>
 	[wheezy] - iceweasel <not-affected> (Only affects Firefox >=24)
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <unfixed>
 	- iceape <unfixed>
-CVE-2013-5591
-	RESERVED
+CVE-2013-5591 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
 	- iceweasel <unfixed>
 	[wheezy] - iceweasel <not-affected> (Only affects Firefox >=24)
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <unfixed>
 	- iceape <unfixed>
-CVE-2013-5590
-	RESERVED
+CVE-2013-5590 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
 	{DSA-2788-1}
 	- iceweasel <unfixed>
 	[squeeze] - iceweasel <end-of-life>
@@ -1761,32 +1849,32 @@
 	RESERVED
 CVE-2013-5556
 	RESERVED
-CVE-2013-5555
-	RESERVED
+CVE-2013-5555 (Cisco Unified Communications Manager (aka CUCM or Unified CM) allows ...)
+	TODO: check
 CVE-2013-5554
 	RESERVED
 CVE-2013-5553
 	RESERVED
 CVE-2013-5552
 	RESERVED
-CVE-2013-5551
-	RESERVED
+CVE-2013-5551 (Cisco Adaptive Security Appliance (ASA) Software, when certain ...)
+	TODO: check
 CVE-2013-5550 (The fabric-interconnect component in Cisco Unified Computing System ...)
 	NOT-FOR-US: Cisco Unified Computing System
 CVE-2013-5549 (Cisco IOS XR 3.8.1 through 4.2.0 does not properly process fragmented ...)
 	NOT-FOR-US: Cisco IOS XR
-CVE-2013-5548
-	RESERVED
-CVE-2013-5547
-	RESERVED
-CVE-2013-5546
-	RESERVED
-CVE-2013-5545
-	RESERVED
+CVE-2013-5548 (The IKEv2 implementation in Cisco IOS, when AES-GCM or AES-GMAC is ...)
+	TODO: check
+CVE-2013-5547 (Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote ...)
+	TODO: check
+CVE-2013-5546 (The TCP reassembly feature in Cisco IOS XE 3.7 before 3.7.3S and 3.8 ...)
+	TODO: check
+CVE-2013-5545 (The PPTP ALG implementation in Cisco IOS XE 3.9 before 3.9.2S on 1000 ...)
+	TODO: check
 CVE-2013-5544 (The VPN authentication functionality in Cisco Adaptive Security ...)
 	NOT-FOR-US: Cisco Adaptive Security Appliance
-CVE-2013-5543
-	RESERVED
+CVE-2013-5543 (Cisco IOS XE 3.4 before 3.4.2S and 3.5 before 3.5.1S on 1000 ASR ...)
+	TODO: check
 CVE-2013-5542 (Cisco Adaptive Security Appliance (ASA) Software 8.4 before 8.4(7.2), ...)
 	NOT-FOR-US: Cisco Adaptive Security Appliance
 CVE-2013-5541 (Cross-site scripting (XSS) vulnerability in the file-upload interface ...)
@@ -2009,8 +2097,8 @@
 	RESERVED
 CVE-2013-5432
 	RESERVED
-CVE-2013-5431
-	RESERVED
+CVE-2013-5431 (Open redirect vulnerability in IBM Tivoli Federated Identity Manager ...)
+	TODO: check
 CVE-2013-5430 (The Jazz Team Server component in IBM Security AppScan Enterprise 8.x ...)
 	NOT-FOR-US: IBM Security AppScan Enterprise
 CVE-2013-5429
@@ -3579,8 +3667,8 @@
 	RESERVED
 CVE-2013-4714
 	RESERVED
-CVE-2013-4713
-	RESERVED
+CVE-2013-4713 (Cross-site scripting (XSS) vulnerability in I-O DATA DEVICE RockDisk ...)
+	TODO: check
 CVE-2013-4712 (I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and ...)
 	NOT-FOR-US: I-O DATA DEVICE HDL-A and HDL2-A devices
 CVE-2013-4711 (Cross-site scripting (XSS) vulnerability in Accela BizSearch 3.2 on ...)
@@ -4069,8 +4157,7 @@
 	RESERVED
 CVE-2013-4485
 	RESERVED
-CVE-2013-4484 [crashes if GET consists from whitespaces only]
-	RESERVED
+CVE-2013-4484 (Varnish before 3.0.5 allows remote attackers to cause a denial of ...)
 	- varnish <unfixed>
 	NOTE: https://www.varnish-cache.org/trac/ticket/1367
 CVE-2013-4483 [ipc: ipc_rcu_putref refcount races]
@@ -4835,8 +4922,7 @@
 CVE-2013-4262 [svnwcsub.py and irkerbridge.py are vulnerable to symlink attack]
 	RESERVED
 	- subversion <not-affected> (Optional admin-side utilities in Subversion 1.8.x)
-CVE-2013-4261 [DoS]
-	RESERVED
+CVE-2013-4261 (OpenStack Compute (Nova) Folsom, Grizzly, and earlier, when using ...)
 	- nova 2013.2-1
 	NOTE: https://bugs.launchpad.net/nova/+bug/1215091/comments/10 (relevant question for other components)
 	NOTE: probably does not affect Essex/2012.1, see https://bugs.launchpad.net/nova/+bug/1215091/comments/6
@@ -5104,8 +5190,7 @@
 	NOT-FOR-US: Flippy Contributed Drupal module
 CVE-2013-4186
 	RESERVED
-CVE-2013-4185 [Denial of Service in Nova network source security groups]
-	RESERVED
+CVE-2013-4185 (Algorithmic complexity vulnerability in OpenStack Compute (Nova) ...)
 	- nova 2013.1.2-3 (bug #718907)
 CVE-2013-4184 [symlink attacks]
 	RESERVED
@@ -6473,8 +6558,8 @@
 	RESERVED
 CVE-2013-3631
 	RESERVED
-CVE-2013-3630
-	RESERVED
+CVE-2013-3630 (Moodle through 2.5.2 allows remote authenticated administrators to ...)
+	TODO: check
 CVE-2013-3629
 	RESERVED
 CVE-2013-3628

More information about the Secure-testing-commits mailing list