[Secure-testing-commits] r24408 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Nov 22 20:46:35 UTC 2013
Author: carnil
Date: 2013-11-22 20:46:35 +0000 (Fri, 22 Nov 2013)
New Revision: 24408
Modified:
data/CVE/list
Log:
Add two CVE's for drupal6 and drupal7
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-11-22 20:40:57 UTC (rev 24407)
+++ data/CVE/list 2013-11-22 20:46:35 UTC (rev 24408)
@@ -895,10 +895,16 @@
RESERVED
CVE-2013-6387
RESERVED
-CVE-2013-6386
+CVE-2013-6386 [weakness in pseudorandom number generation using mt_rand()]
RESERVED
-CVE-2013-6385
+ - drupal6 <removed>
+ - drupal7 <unfixed>
+ NOTE: https://drupal.org/SA-CORE-2013-003
+CVE-2013-6385 [Multiple vulnerabilities due to optimistic cross-site request forgery protection]
RESERVED
+ - drupal6 <removed>
+ - drupal7 <unfixed>
+ NOTE: https://drupal.org/SA-CORE-2013-003
CVE-2013-6384 [Ceilometer log contains DB password in plain text]
RESERVED
- ceilometer <unfixed>
More information about the Secure-testing-commits
mailing list