[Secure-testing-commits] r23783 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Wed Sep 25 21:14:33 UTC 2013
Author: joeyh
Date: 2013-09-25 21:14:33 +0000 (Wed, 25 Sep 2013)
New Revision: 23783
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-09-25 21:06:10 UTC (rev 23782)
+++ data/CVE/list 2013-09-25 21:14:33 UTC (rev 23783)
@@ -1,3 +1,11 @@
+CVE-2013-5936 (The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before ...)
+ TODO: check
+CVE-2013-5935 (The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before ...)
+ TODO: check
+CVE-2013-5934 (Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before ...)
+ TODO: check
+CVE-2013-5933 (Stack-based buffer overflow in the sub_E110 function in init in a ...)
+ TODO: check
CVE-2013-5932 (Unspecified vulnerability in WebAdmin in Sophos UTM (aka Astaro ...)
NOT-FOR-US: Sophos UTM
CVE-2013-5931 (SQL injection vulnerability in property_listings_detail.php in Real ...)
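Review bot: The Open-Xchange AppSuite entries added at the top of this hunk (CVE-2013-5936, CVE-2013-5935, CVE-2013-5934) are left at "TODO: check", although CVE-2013-5200, which concerns the same Hazelcast cluster API, is tracked further down this list as "- open-xchange <itp> (bug #269329)". Suggest giving them the same tracking line so they are triaged consistently. CVE-2013-5933 needs its full description read before triage, since the truncated text ("the sub_E110 function in init in a ...") does not name the affected product.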
@@ -362,8 +370,8 @@
RESERVED
CVE-2013-5751 (Directory traversal vulnerability in SAP NetWeaver 7.x allows remote ...)
NOT-FOR-US: SAP NetWeaver 7.x
-CVE-2013-5750
- RESERVED
+CVE-2013-5750 (The login form in the FriendsOfSymfony FOSUserBundle bundle before ...)
+ TODO: check
CVE-2013-5749
RESERVED
CVE-2013-5748
@@ -772,8 +780,7 @@
RESERVED
CVE-2013-5590
RESERVED
-CVE-2013-5634
- RESERVED
+CVE-2013-5634 (arch/arm/kvm/arm.c in the Linux kernel before 3.10 on the ARM ...)
- linux <unfixed>
[wheezy] - linux <not-affected> (KVM for arm introduced in 3.9)
- linux-2.6 <not-affected> (KVM for arm introduced in 3.9)
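Review bot: The new description for CVE-2013-5634 says the issue is in kernels "before 3.10", but the entry keeps "- linux <unfixed>". Other entries in this list already record "- linux 3.10.1-1", so the unstable status should be rechecked and replaced with the fixed version if that upload contains the fix.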
@@ -1240,8 +1247,8 @@
RESERVED
CVE-2013-5374
RESERVED
-CVE-2013-5373
- RESERVED
+CVE-2013-5373 (The RemoteClient component in IBM Rational ClearCase 8.0.0.03 through ...)
+ TODO: check
CVE-2013-5372
RESERVED
CVE-2013-5371
@@ -1590,8 +1597,7 @@
RESERVED
CVE-2013-5201
RESERVED
-CVE-2013-5200
- RESERVED
+CVE-2013-5200 (The (1) REST and (2) memcache interfaces in the Hazelcast cluster API ...)
- open-xchange <itp> (bug #269329)
CVE-2013-5199
RESERVED
@@ -1759,8 +1765,8 @@
NOT-FOR-US: PHPFox
CVE-2013-5119 (Zimbra Collaboration Suite (ZCS) 6.0.16 and earlier allows ...)
NOT-FOR-US: Zimbra Collaboration Suite
-CVE-2013-5118
- RESERVED
+CVE-2013-5118 (Cross-site scripting (XSS) vulnerability in the Good for Enterprise ...)
+ TODO: check
CVE-2013-5117
RESERVED
CVE-2013-5116
@@ -2515,8 +2521,8 @@
NOT-FOR-US: Siemens Enterprise OpenScape
CVE-2013-4778 (core/getLog.php on the Siemens Enterprise OpenScape Branch appliance ...)
NOT-FOR-US: Siemens Enterprise OpenScape
-CVE-2013-4777
- RESERVED
+CVE-2013-4777 (A certain configuration of Android 2.3.7 on the Motorola Defy XT phone ...)
+ TODO: check
CVE-2013-4776
RESERVED
CVE-2013-4775
@@ -3479,8 +3485,7 @@
- gnupg2 <unfixed> (low; bug #722724)
[squeeze] - gnupg2 <no-dsa> (Minor issue)
[wheezy] - gnupg2 <no-dsa> (Minor issue)
-CVE-2013-4350 [net: sctp: ipv6 ipsec encryption bug in sctp_v6_xmit]
- RESERVED
+CVE-2013-4350 (The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel ...)
- linux-2.6 <removed>
- linux <unfixed>
NOTE: http://www.openwall.com/lists/oss-security/2013/09/13/2
@@ -3510,8 +3515,7 @@
- linux <unfixed>
CVE-2013-4344
RESERVED
-CVE-2013-4343
- RESERVED
+CVE-2013-4343 (Use-after-free vulnerability in drivers/net/tun.c in the Linux kernel ...)
- linux <unfixed>
[wheezy] - linux <not-affected> (Introduced in 3.8)
- linux-2.6 <not-affected> (Introduced in 3.8)
@@ -3643,8 +3647,7 @@
- mediawiki 1:1.19.8+dfsg-1 (unimportant)
NOTE: Full path disclosure irrelevant in Debian
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=46332
-CVE-2013-4300
- RESERVED
+CVE-2013-4300 (The scm_check_creds function in net/core/scm.c in the Linux kernel ...)
- linux <unfixed>
[wheezy] - linux <not-affected> (Not exploitable by unprivileged users in 3.2)
- linux-2.6 <not-affected> (Not exploitable by unprivileged users in 2.6.32)
@@ -3660,6 +3663,7 @@
NOTE: Introduced with 8aabd597b379db5ae1655e36dff4f10d5622830a, 1.0.6
CVE-2013-4296 [libvirt remote crash]
RESERVED
+ {DSA-2764-1}
- libvirt <unfixed>
[squeeze] - libvirt <not-affected> (Vulnerable code not present, introduced by commit 158ba8730e44b7dd07a21ab90499996c5dec080a)
NOTE: http://libvirt.org/git/?p=libvirt.git;a=commit;h=158ba8730e44b7dd07a21ab90499996c5dec080a
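Review bot: "{DSA-2764-1}" is attached to CVE-2013-4296 while the entry still reads "RESERVED" with only the bracketed placeholder title and "- libvirt <unfixed>". Suggest confirming whether the fix has also reached unstable and recording the fixed version there, so the entry does not show an advisory alongside a package that is still marked open.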
@@ -4531,14 +4535,14 @@
RESERVED
CVE-2013-4026
RESERVED
-CVE-2013-4025
- RESERVED
-CVE-2013-4024
- RESERVED
+CVE-2013-4025 (IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager ...)
+ TODO: check
+CVE-2013-4024 (IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager ...)
+ TODO: check
CVE-2013-4023
RESERVED
-CVE-2013-4022
- RESERVED
+CVE-2013-4022 (IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager ...)
+ TODO: check
CVE-2013-4021
RESERVED
CVE-2013-4020
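Review bot: CVE-2013-4025, CVE-2013-4024 and CVE-2013-4022 are added with an identical truncated description and "TODO: check", so they cannot be told apart from this list alone. All three name IBM products (Data Studio Web Console, Optim Performance Manager); the list marks other vendor products as NOT-FOR-US (for example "NOT-FOR-US: SAP NetWeaver 7.x"), and these should get the same treatment once it is confirmed that none of them is packaged.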
@@ -9134,8 +9138,7 @@
CVE-2013-2141 (The do_tkill function in kernel/signal.c in the Linux kernel before ...)
- linux-2.6 <removed>
- linux 3.9.4-1
-CVE-2013-2140 [xen/blkback: Check device permissions before allowing OP_DISCARD]
- RESERVED
+CVE-2013-2140 (The dispatch_discard_io function in ...)
- linux-2.6 <not-affected> (Vulnerable code not present)
- linux 3.10.1-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
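Review bot: The replacement line for CVE-2013-2140 truncates to "The dispatch_discard_io function in ...", which drops the context the removed bracketed title carried ("xen/blkback: Check device permissions before allowing OP_DISCARD"). Suggest keeping that summary in a NOTE: line so the affected subsystem stays visible when reading the list.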
@@ -10701,6 +10704,7 @@
- icedove <not-affected> (Windows-specific)
- iceape <not-affected> (Windows-specific)
CVE-2013-1705 (Heap-based buffer underflow in the cryptojs_interpret_key_gen_type ...)
+ {DSA-2762-1}
- iceweasel 23.0-1
- iceape <unfixed>
TODO: check
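Review bot: CVE-2013-1705 now carries "{DSA-2762-1}", but the entry still ends in "TODO: check" and "- iceape <unfixed>". An entry covered by a published advisory should not keep an open TODO; suggest resolving it and confirming the iceape status in the same pass.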
@@ -12438,8 +12442,8 @@
NOT-FOR-US: ubuntu-system-service
CVE-2013-1061
RESERVED
-CVE-2013-1060
- RESERVED
+CVE-2013-1060 (A certain Ubuntu build procedure for perf, as distributed in the Linux ...)
+ TODO: check
CVE-2013-1059 (net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote ...)
{DSA-2745-1}
- linux 3.10.1-1 (low)
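Review bot: The description added for CVE-2013-1060 attributes the issue to "A certain Ubuntu build procedure for perf", yet the entry is left at "TODO: check". Suggest checking whether the Debian perf build uses the same procedure and, if it does not, recording the package as not-affected with that reason instead of leaving the TODO.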
@@ -21876,10 +21880,10 @@
TODO: check
CVE-2012-4088
RESERVED
-CVE-2012-4087 (A setup script for fabric interconnect devices in Cisco Unified ...)
+CVE-2012-4087 (A cluster setup script for fabric interconnect devices in Cisco ...)
TODO: check
-CVE-2012-4086
- RESERVED
+CVE-2012-4086 (A setup script for fabric interconnect devices in Cisco Unified ...)
+ TODO: check
CVE-2012-4085 (The Intelligent Platform Management Interface (IPMI) implementation in ...)
TODO: check
CVE-2012-4084
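Review bot: The description previously shown for CVE-2012-4087 ("A setup script for fabric interconnect devices in Cisco Unified ...") now appears on CVE-2012-4086, and the two entries differ only by the word "cluster" at this truncation width, so they are easy to confuse when triaging. Both concern Cisco fabric interconnect devices and both sit at "TODO: check"; suggest resolving them together as NOT-FOR-US, as the list does for other vendor appliances such as Siemens Enterprise OpenScape.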