[Secure-testing-commits] r23724 - data/CVE

Joey Hess joeyh at alioth.debian.org
Wed Sep 18 21:14:27 UTC 2013 

Author: joeyh
Date: 2013-09-18 21:14:27 +0000 (Wed, 18 Sep 2013)
New Revision: 23724

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-09-18 20:47:01 UTC (rev 23723)
+++ data/CVE/list	2013-09-18 21:14:27 UTC (rev 23724)
@@ -3072,6 +3072,7 @@
 CVE-2013-4363
 	RESERVED
 CVE-2013-4362 [Insecure use of system]
+	RESERVED
 	- davfs2 <unfixed> (bug #723034)
 	NOTE: http://savannah.nongnu.org/bugs/?40034
 CVE-2013-4361
@@ -4417,8 +4418,8 @@
 	RESERVED
 CVE-2013-3894
 	RESERVED
-CVE-2013-3893
-	RESERVED
+CVE-2013-3893 (Use-after-free vulnerability in the SetMouseCapture implementation in ...)
+	TODO: check
 CVE-2013-3892
 	RESERVED
 CVE-2013-3891
@@ -10134,25 +10135,25 @@
 	RESERVED
 CVE-2013-1739
 	RESERVED
-CVE-2013-1738
-	RESERVED
+CVE-2013-1738 (Use-after-free vulnerability in the JS_GetGlobalForScopeChain function ...)
 	- iceweasel 24.0-1
 	[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <not-affected> (Only affects Firefox > 17)
 	- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-1737
-	RESERVED
-CVE-2013-1736
-	RESERVED
+CVE-2013-1737 (Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, ...)
+	{DSA-2759-1}
+	TODO: check
+CVE-2013-1736 (The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before ...)
+	{DSA-2759-1}
 	- iceweasel 24.0-1
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <unfixed>
 	[squeeze] - icedove <end-of-life>
 	- iceape <unfixed>
 	[squeeze] - iceape <end-of-life>
-CVE-2013-1735
-	RESERVED
+CVE-2013-1735 (Use-after-free vulnerability in the mozilla::layout::ScrollbarActivity ...)
+	{DSA-2759-1}
 	- iceweasel 24.0-1
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <unfixed>
@@ -10163,101 +10164,91 @@
 	RESERVED
 CVE-2013-1733
 	RESERVED
-CVE-2013-1732
-	RESERVED
+CVE-2013-1732 (Buffer overflow in the nsFloatManager::GetFlowArea function in Mozilla ...)
+	{DSA-2759-1}
 	- iceweasel 24.0-1
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <unfixed>
 	[squeeze] - icedove <end-of-life>
 	- iceape <unfixed>
 	[squeeze] - iceape <end-of-life>
-CVE-2013-1731
-	RESERVED
+CVE-2013-1731 (Untrusted search path vulnerability in the GL tracing functionality in ...)
 	- iceweasel <not-affected> (Android-specific)
 	- icedove <not-affected> (Android-specific)
 	- iceape <not-affected> (Android-specific)
-CVE-2013-1730
-	RESERVED
+CVE-2013-1730 (Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, ...)
+	{DSA-2759-1}
 	- iceweasel 24.0-1
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <unfixed>
 	[squeeze] - icedove <end-of-life>
 	- iceape <unfixed>
 	[squeeze] - iceape <end-of-life>
-CVE-2013-1729
-	RESERVED
+CVE-2013-1729 (The WebGL implementation in Mozilla Firefox before 24.0, when NVIDIA ...)
 	- iceweasel <not-affected> (MacOS-specific)
 	- icedove <not-affected> (MacOS-specific)
 	- iceape <not-affected> (MacOS-specific)
-CVE-2013-1728
-	RESERVED
+CVE-2013-1728 (The IonMonkey JavaScript engine in Mozilla Firefox before 24.0, ...)
 	- iceweasel 24.0-1
 	[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <not-affected> (Only affects Firefox > 17)
 	- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-1727
-	RESERVED
+CVE-2013-1727 (Mozilla Firefox before 24.0 on Android allows attackers to bypass the ...)
 	- iceweasel <not-affected> (Android-specific)
 	- icedove <not-affected> (Android-specific)
 	- iceape <not-affected> (Android-specific)
-CVE-2013-1726
-	RESERVED
+CVE-2013-1726 (Mozilla Updater in Mozilla Firefox before 24.0, Firefox ESR 17.x ...)
 	- iceweasel <not-affected> (Updater not used in Debian)
 	- icedove <not-affected> (Updater not used in Debian)
 	- iceape <not-affected> (Updater not used in Debian)
-CVE-2013-1725
-	RESERVED
+CVE-2013-1725 (Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, ...)
+	{DSA-2759-1}
 	- iceweasel 24.0-1
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <unfixed>
 	[squeeze] - icedove <end-of-life>
 	- iceape <unfixed>
 	[squeeze] - iceape <end-of-life>
-CVE-2013-1724
-	RESERVED
+CVE-2013-1724 (Use-after-free vulnerability in the ...)
 	- iceweasel 24.0-1
 	[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <not-affected> (Only affects Firefox > 17)
 	- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-1723
-	RESERVED
+CVE-2013-1723 (The NativeKey widget in Mozilla Firefox before 24.0, Thunderbird ...)
 	- iceweasel 24.0-1
 	[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <not-affected> (Only affects Firefox > 17)
 	- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-1722
-	RESERVED
+CVE-2013-1722 (Use-after-free vulnerability in the ...)
+	{DSA-2759-1}
 	- iceweasel 24.0-1
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <unfixed>
 	[squeeze] - icedove <end-of-life>
 	- iceape <unfixed>
 	[squeeze] - iceape <end-of-life>
-CVE-2013-1721
-	RESERVED
+CVE-2013-1721 (Integer overflow in the drawLineLoop function in the libGLESv2 library ...)
 	- iceweasel 24.0-1
 	[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
 	[squeeze] - iceweasel <end-of-life>
 	- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-1720
-	RESERVED
+CVE-2013-1720 (The nsHtml5TreeBuilder::resetTheInsertionMode function in the HTML5 ...)
 	- iceweasel 24.0-1
 	[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <not-affected> (Only affects Firefox > 17)
 	- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-1719
-	RESERVED
+CVE-2013-1719 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
 	- iceweasel 24.0-1
 	[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <not-affected> (Only affects Firefox > 17)
 	- iceape <not-affected> (Only affects Firefox > 17)
-CVE-2013-1718
-	RESERVED
+CVE-2013-1718 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+	{DSA-2759-1}
 	- iceweasel 24.0-1
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <unfixed>
@@ -20331,9 +20322,11 @@
 	NOTE: 0.4-only issue, fixed in newest upstream 0.4.9
 CVE-2012-4503 [Uninitialized data in command replies]
 	RESERVED
+	{DSA-2760-1}
 	- chrony <unfixed> (bug #719203)
 CVE-2012-4502 [Buffer overflow when processing crafted command packets]
 	RESERVED
+	{DSA-2760-1}
 	- chrony <unfixed> (bug #719203)
 CVE-2012-4501 (Citrix Cloud.com CloudStack, and Apache CloudStack pre-release, allows ...)
 	NOT-FOR-US: CloudStack

More information about the Secure-testing-commits mailing list