[Secure-testing-commits] r24086 - data/CVE

Salvatore Bonaccorso carnil at alioth.debian.org
Sun Oct 20 21:55:02 UTC 2013


Author: carnil
Date: 2013-10-20 21:55:02 +0000 (Sun, 20 Oct 2013)
New Revision: 24086

Modified:
   data/CVE/list
Log:
Update entry for CVE-2013-4261/nova

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-10-20 21:46:52 UTC (rev 24085)
+++ data/CVE/list	2013-10-20 21:55:02 UTC (rev 24086)
@@ -4361,12 +4361,9 @@
 	- subversion <not-affected> (Optional admin-side utilities in Subversion 1.8.x)
 CVE-2013-4261 [DoS]
 	RESERVED
-	- nova <unfixed>
-	NOTE: Advisory mentions that affects Folsom and Grizzly, but 2012.1.1 seems to have similar
-	NOTE: code in nova/rpc/impl_qpid.py
+	- nova 2013.2-1
 	NOTE: https://bugs.launchpad.net/nova/+bug/1215091/comments/10 (relevant question for other components)
-	NOTE: experimental nova/2013.2~rc1-1 contains the fix
-	TODO: check
+	NOTE: According to https://wiki.openstack.org/wiki/ReleaseNotes/2013.1.4 only fixed in 2013.1.4 for grizzly
 CVE-2013-4260 (lib/ansible/playbook/__init__.py in Ansible 1.2.x before 1.2.3, when ...)
 	- ansible <not-affected> (affected code introduced with ansible 1.2)
 CVE-2013-4259 (runner/connection_plugins/ssh.py in Ansible before 1.2.3, when using ...)




More information about the Secure-testing-commits mailing list