[Secure-testing-commits] r23545 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Wed Sep 4 13:07:35 UTC 2013 

Author: jmm
Date: 2013-09-04 13:07:34 +0000 (Wed, 04 Sep 2013)
New Revision: 23545

Modified:
   data/CVE/list
Log:
kernel updates for oldstable/stable


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-09-04 08:10:39 UTC (rev 23544)
+++ data/CVE/list	2013-09-04 13:07:34 UTC (rev 23545)
@@ -9082,10 +9082,16 @@
 	- linux-2.6 <not-affected> (Introduced in 3.7)
 CVE-2013-1958 (The scm_check_creds function in net/core/scm.c in the Linux kernel ...)
 	- linux 3.8.13-1
+	[wheezy] - linux <not-affected> (Not exploitable by unprivileged users)
+	- linux-2.6 <not-affected> (Not exploitable by unprivileged users)
 CVE-2013-1957 (The clone_mnt function in fs/namespace.c in the Linux kernel before ...)
 	- linux 3.8.13-1
+	[wheezy] - linux <not-affected> (Not exploitable by unprivileged users)
+	- linux-2.6 <not-affected> (Not exploitable by unprivileged users)
 CVE-2013-1956 (The create_user_ns function in kernel/user_namespace.c in the Linux ...)
 	- linux 3.8.11-1
+	[wheezy] - linux <not-affected> (Not exploitable by unprivileged users)
+	- linux-2.6 <not-affected> (Not exploitable by unprivileged users)
 CVE-2013-1955 (Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php ...)
 	NOT-FOR-US: Easy PHP Calendar
 CVE-2013-1954 (The ASF Demuxer (modules/demux/asf/asf.c) in VideoLAN VLC media player ...)
@@ -25415,7 +25421,9 @@
 CVE-2012-2376 (Buffer overflow in the com_print_typeinfo function in PHP 5.4.3 and ...)
 	- php5 <not-affected> (Windows-specific vulnerability)
 CVE-2012-2375 (The __nfs4_get_acl_uncached function in fs/nfs/nfs4proc.c in the NFSv4 ...)
-	- linux-2.6 3.2.19-1
+	- linux 3.2.19-1
+	- linux-2.6 <removed>
+	[squeeze] - linux-2.6 <not-affected> (Incomplete patch was not released)
 CVE-2012-2374 (CRLF injection vulnerability in the ...)
 	- python-tornado 2.1.0-3 (low; bug #673987)
 	[squeeze] - python-tornado <not-affected> (Vulnerable code not present)
@@ -33992,7 +34000,9 @@
 	- linux-2.6 3.1.6-1
 	[squeeze] - linux-2.6 2.6.32-40
 CVE-2011-4131 (The NFSv4 implementation in the Linux kernel before 3.2.2 does not ...)
-	- linux-2.6 3.2.9-1
+	- linux 3.2.9-1 (low)
+	- linux-2.6 <removed>
+	[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport, minor impact)
 CVE-2011-4130 (Use-after-free vulnerability in the Response API in ProFTPD before ...)
 	{DSA-2346-2 DSA-2346-1}
 	- proftpd-dfsg 1.3.4~rc3-2 (high; bug #648373)

More information about the Secure-testing-commits mailing list