[Secure-testing-commits] r25752 - in data: . CVE

[Thijs Kinkhorst]

Author: thijs
Date: 2014-02-15 11:57:42 +0000 (Sat, 15 Feb 2014)
New Revision: 25752

Modified:
   data/CVE/list
   data/next-oldstable-point-update.txt
Log:
squeeze point update


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-02-15 09:20:41 UTC (rev 25751)
+++ data/CVE/list	2014-02-15 11:57:42 UTC (rev 25752)
@@ -1251,7 +1251,7 @@
 	NOTE: Only exploitable during build time
 CVE-2014-1638 ((1) debian/postrm and (2) debian/localepurge.config in localepurge ...)
 	- localepurge 0.7.3.2 (bug #736359)
-	[squeeze] - localepurge <no-dsa> (Minor issue)
+	[squeeze] - localepurge 0.6.2+nmu1+squeeze1
 	[wheezy] - localepurge 0.6.3+deb7u1
 CVE-2014-1626 (XML External Entity (XXE) vulnerability in MARC::File::XML module ...)
 	- libmarc-xml-perl 1.0.2-1 (bug #736275)
@@ -1388,7 +1388,7 @@
 CVE-2013-7303 (Multiple cross-site scripting (XSS) vulnerabilities in (1) ...)
 	- spip 3.0.13-1 (bug #736170)
 	[wheezy] - spip 2.1.17-1+deb7u3
-	[squeeze] - spip <no-dsa> (Minor issue)
+	[squeeze] - spip 2.1.1-3squeeze8
 CVE-2013-7302
 	RESERVED
 	NOT-FOR-US: Drupal contrib
@@ -2413,7 +2413,7 @@
 CVE-2013-7262 (SQL injection vulnerability in the msPostGISLayerSetTimeFilter ...)
 	- mapserver 6.4.1-1 (low; bug #734565)
 	[wheezy] - mapserver 6.0.1-3.2+deb7u2
-	[squeeze] - mapserver <no-dsa> (Minor issue)
+	[squeeze] - mapserver 5.6.5-2+squeeze3
 	NOTE: https://github.com/mapserver/mapserver/issues/4834
 CVE-2013-7261
 	RESERVED
@@ -6391,7 +6391,7 @@
 	NOTE: only if applied original patch for CVE-2012-0786
 CVE-2013-6411 (The HandleCrashedAircraft function in aircraft_cmd.cpp in OpenTTD ...)
 	- openttd 1.3.3-1 (low)
-	[squeeze] - openttd <no-dsa> (Minor issue)
+	[squeeze] - openttd 1.0.4-7
 	[wheezy] - openttd 1.2.1-3
 	NOTE: http://bugs.openttd.org/task/5820
 CVE-2013-6410 (nbd-server in Network Block Device (nbd) before 3.5 does not properly ...)
@@ -17023,7 +17023,7 @@
 CVE-2013-2217 (cache.py in Suds 0.4, when tempdir is set to None, allows local users ...)
 	- suds 0.4.1-8 (low; bug #714340)
 	[wheezy] - suds <no-dsa> (Minor issue)
-	[squeeze] - suds <no-dsa> (Minor issue)
+	[squeeze] - suds 0.3.9-1+deb6u1
 CVE-2013-2216
 	RESERVED
 CVE-2013-2215
@@ -18127,7 +18127,7 @@
 CVE-2013-1896 (mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly ...)
 	- apache2 2.4.6-1 (low; bug #717272)
 	[wheezy] - apache2 2.2.22-13+deb7u1
-	[squeeze] - apache2 <no-dsa> (Minor issue)
+	[squeeze] - apache2 2.2.16-6+squeeze12
 	NOTE: http://www.gossamer-threads.com/lists/apache/announce/427633
 CVE-2013-1895 [concurrency issue leading to auth bypass]
 	RESERVED
@@ -18180,6 +18180,7 @@
 CVE-2013-1881 (GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary ...)
 	- librsvg 2.40.0-1 (bug #724741)
 	[wheezy] - librsvg 2.36.1-2
+	[squeeze] - librsvg 2.26.3-1+deb6u2
 CVE-2013-1880 (Cross-site scripting (XSS) vulnerability in the Portfolio publisher ...)
 	- activemq <not-affected> (portfolio demo app not shipped in Debian package)
 	NOTE: https://issues.apache.org/jira/browse/AMQ-4398
@@ -18237,6 +18238,7 @@
 CVE-2013-1862 (mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server ...)
 	- apache2 2.4.1-1 (unimportant)
 	[wheezy] - apache2 2.2.22-13+deb7u1
+	[squeeze] - apache2 2.2.16-6+squeeze12
 	NOTE: Such injection issues are not treated as security issues
 CVE-2013-1861 (MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, ...)
 	{DSA-2818-1 DSA-2780-1}

Modified: data/next-oldstable-point-update.txt
===================================================================
--- data/next-oldstable-point-update.txt	2014-02-15 09:20:41 UTC (rev 25751)
+++ data/next-oldstable-point-update.txt	2014-02-15 11:57:42 UTC (rev 25752)
@@ -1,16 +1 @@
-CVE-2013-6411
-	[squeeze] - openttd 1.0.4-7
-CVE-2013-1881
-	[squeeze] - librsvg 2.26.3-2
-CVE-2013-7262
-	[squeeze] - mapserver 5.6.5-2+squeeze3
-CVE-2013-7303
-	[squeeze] - spip 2.1.1-3squeeze8
-CVE-2013-1862
-	[squeeze] - apache2 2.2.16-6+squeeze12
-CVE-2013-1896
-	[squeeze] - apache2 2.2.16-6+squeeze12
-CVE-2014-1638
-	[squeeze] - localepurge 0.6.2+nmu1+squeeze1
-CVE-2013-2217
-	[squeeze] - suds 0.3.9-1+deb6u1
+svn iff