[Secure-testing-commits] r23602 - in data: . CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Tue Sep 10 06:18:40 UTC 2013 

Author: jmm
Date: 2013-09-10 06:18:39 +0000 (Tue, 10 Sep 2013)
New Revision: 23602

Modified:
   data/CVE/list
   data/dsa-needed.txt
Log:
ffmpeg N/A for one squeeze issue
typo3 CVEfied
dsa needed for torque


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-09-10 05:44:00 UTC (rev 23601)
+++ data/CVE/list	2013-09-10 06:18:39 UTC (rev 23602)
@@ -2,10 +2,6 @@
 	RESERVED
 CVE-2013-5709
 	RESERVED
-CVE-2013-XXXX [TYPO3 Core: Cross-Site Scripting, Remote Code Execution]
-	- typo3 <not-affected> (All versions from 6.0.0 up to the development branch of 6.2)
-CVE-2013-XXXX [TYPO3 File Abstraction Layer: Remote Code Execution]
-	- typo3 <not-affected> (All versions from 6.0.0 up to the development branch of 6.2)
 CVE-2013-5708 (Coursemill Learning Management System (LMS) 6.8 constructs secret ...)
 	NOT-FOR-US: Coursemill Learning Management System
 CVE-2013-5707 (Multiple cross-site scripting (XSS) vulnerabilities in Coursemill ...)
@@ -3045,10 +3041,12 @@
 	RESERVED
 CVE-2013-4322
 	RESERVED
-CVE-2013-4321
+CVE-2013-4321 [TYPO3 File Abstraction Layer: Remote Code Execution]
 	RESERVED
-CVE-2013-4320
+	- typo3 <not-affected> (All versions from 6.0.0 up to the development branch of 6.2)
+CVE-2013-4320 [TYPO3 Core: Cross-Site Scripting, Remote Code Execution]
 	RESERVED
+	- typo3 <not-affected> (All versions from 6.0.0 up to the development branch of 6.2)
 CVE-2013-4319 [Torque privilege escalation]
 	RESERVED
 	- torque <unfixed> (bug #722306)
@@ -12361,7 +12359,7 @@
 	NOTE: Needed in ffmpeg 0.5
 CVE-2013-0853 [libavcodec/wavpack.c out of array access]
 	RESERVED
-	- ffmpeg <removed>
+	- ffmpeg <not-affected> (Vulnerability introduced later)
 	- libav 6:0.8.8-1 (bug #717009)
 	NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=be818df547c3b0ae4fadb50fd210139a8636706a
 	NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=ed50673066956d6f2201a57c3254569f2ab08d9d

Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt	2013-09-10 05:44:00 UTC (rev 23601)
+++ data/dsa-needed.txt	2013-09-10 06:18:39 UTC (rev 23602)
@@ -80,6 +80,8 @@
 --
 tomcat7/stable (jmm)
 --
+torque
+--
 vlc
   it probably makes sense to update to the 2.0.x point releases
 --

More information about the Secure-testing-commits mailing list