[Secure-testing-commits] r24387 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Nov 21 10:15:35 UTC 2013
Author: jmm
Date: 2013-11-21 10:15:21 +0000 (Thu, 21 Nov 2013)
New Revision: 24387
Modified:
data/CVE/list
Log:
nginx/oldstable not-affected
grub unimportant
mod-nss no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-11-21 09:49:46 UTC (rev 24386)
+++ data/CVE/list 2013-11-21 10:15:21 UTC (rev 24387)
@@ -5040,7 +5040,8 @@
RESERVED
CVE-2013-4577 [should set safer permissions even when hashed passwords are found]
RESERVED
- - grub2 2.00-20 (bug #632598)
+ - grub2 2.00-20 (unimportant; bug #632598)
+ NOTE: Additional hardening for rare setups, not a vulnerability
CVE-2013-4576
RESERVED
CVE-2013-4575 (Heap-based buffer overflow in the utility program in the Linux agent ...)
@@ -5138,6 +5139,7 @@
CVE-2013-4547 [security restrictions bypass]
RESERVED
- nginx <unfixed> (bug #730012)
+ [squeeze] - nginx <not-affected> (Only applies to 0.8.41 - 1.5.6)
CVE-2013-4546 [remote command execution]
RESERVED
- gitlab <itp> (bug #651606)
@@ -34213,7 +34215,8 @@
RESERVED
CVE-2011-4973 [mod_nss FakeBasicAuth authentication bypass]
RESERVED
- - libapache2-mod-nss <unfixed> (bug #729626)
+ - libapache2-mod-nss <unfixed> (low; bug #729626)
+ [wheezy] - libapache2-mod-nss <no-dsa> (Minor issue)
NOTE: https://www.redhat.com/archives/mod_nss-list/2011-May/msg00001.html
NOTE: https://git.fedorahosted.org/cgit/mod_nss.git/commit/?id=a6c3370491ae1d3bc552e8de9353c82f73e510e3
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1017197
More information about the Secure-testing-commits
mailing list