[Secure-testing-commits] r23842 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Tue Oct 1 07:53:13 UTC 2013
Author: jmm
Date: 2013-10-01 07:53:12 +0000 (Tue, 01 Oct 2013)
New Revision: 23842
Modified:
data/CVE/list
Log:
new systemd issues (at least one is N/A for wheezy)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-10-01 07:18:39 UTC (rev 23841)
+++ data/CVE/list 2013-10-01 07:53:12 UTC (rev 23842)
@@ -1,3 +1,16 @@
+CVE-2013-XXXX [systemd: Integer overflow, leading to heap-based buffer overflow by processing native messages]
+ - systemd <unfixed>
+ [wheezy] - systemd <not-affected> (Vulnerable code not present)
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=859051
+CVE-2013-XXXX [systemd: TOCTOU race condition when updating file permissions and SELinux security contexts]
+ - systemd <unfixed>
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=859060
+CVE-2013-XXXX [systemd: Possibility of denial of logging service by processing native messages from file]
+ - systemd <unfixed>
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=859104
+CVE-2013-XXXX [systemd: Improper sanitization of invalid XKB layouts descriptions]
+ - systemd <unfixed>
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=862324
CVE-2013-5960 (The authenticated-encryption feature in the symmetric-encryption ...)
TODO: check
CVE-2013-5958
More information about the Secure-testing-commits
mailing list