[Secure-testing-commits] r23733 - data/CVE
Raphael Geissert
atomo64-guest at alioth.debian.org
Thu Sep 19 07:53:23 UTC 2013
Author: atomo64-guest
Date: 2013-09-19 07:53:23 +0000 (Thu, 19 Sep 2013)
New Revision: 23733
Modified:
data/CVE/list
Log:
linux, libvirt, librsvg
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-09-19 07:45:10 UTC (rev 23732)
+++ data/CVE/list 2013-09-19 07:53:23 UTC (rev 23733)
@@ -3141,8 +3141,11 @@
[wheezy] - python-oauth2 <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2013/09/12/5
NOTE: https://github.com/simplegeo/python-oauth2/issues/129
-CVE-2013-4345
+CVE-2013-4345 [ansi_cprng off-by-one]
RESERVED
+ - linux-2.6 <removed>
+ - linux <unfixed>
+ TODO: check
CVE-2013-4344
RESERVED
CVE-2013-4343
@@ -3290,6 +3293,8 @@
NOTE: Introduced with 8aabd597b379db5ae1655e36dff4f10d5622830a, 1.0.6
CVE-2013-4296
RESERVED
+ - libvirt <unfixed>
+ TODO: check
CVE-2013-4295
RESERVED
CVE-2013-4294 [Token revocation failure using Keystone memcache/KVS backends]
@@ -9688,8 +9693,10 @@
NOTE: http://www.openwall.com/lists/oss-security/2013/03/21/3
CVE-2013-1882
RESERVED
-CVE-2013-1881
+CVE-2013-1881 [local resource access vulnerability due to XXE]
RESERVED
+ - librsvg <unfixed>
+ TODO: check
CVE-2013-1880 [XSS vulnerability in portfolioPublish demo application]
RESERVED
- activemq <not-affected> (portfolio demo app not shipped in Debian package)
More information about the Secure-testing-commits
mailing list