[Secure-testing-commits] r25002 - data/CVE
Joey Hess
joeyh at moszumanska.debian.org
Wed Jan 1 21:14:12 UTC 2014
Author: joeyh
Date: 2014-01-01 21:14:12 +0000 (Wed, 01 Jan 2014)
New Revision: 25002
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-01-01 20:47:13 UTC (rev 25001)
+++ data/CVE/list 2014-01-01 21:14:12 UTC (rev 25002)
@@ -661,6 +661,7 @@
CVE-2013-7240
TODO: check
CVE-2013-7239 [SASL authentication allows wrong credentials to access memcache]
+ {DSA-2832-1}
- memcached <unfixed> (bug #733643)
[squeeze] - memcached <not-affected> (vulnerable code present, but SASL authentication support not enabled)
NOTE: https://code.google.com/p/memcached/wiki/ReleaseNotes1417
@@ -968,32 +969,40 @@
NOTE: https://review.typo3.org/#/c/26176/
NOTE: CVE assigned for Typo3 Flow, correspond to CVE-2013-7078
CVE-2013-7081 (The (old) Form Content Element component in TYPO3 4.5.0 through ...)
+ {DSA-2834-1}
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
NOTE: https://review.typo3.org/#/c/26182/
CVE-2013-7080 (The creating record functionality in Extension table administration ...)
+ {DSA-2834-1}
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
NOTE: https://review.typo3.org/#/c/26178/
CVE-2013-7079 (Open redirect vulnerability in the OpenID extension in TYPO3 4.5.0 ...)
+ {DSA-2834-1}
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
NOTE: https://review.typo3.org/#/c/26179/
CVE-2013-7078 [Cross-Site Scripting]
RESERVED
+ {DSA-2834-1}
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
NOTE: https://review.typo3.org/#/c/26176/
CVE-2013-7077 (Cross-site scripting (XSS) vulnerability in the Backend User ...)
- typo3-src <not-affected> (Affects versions 6.0.0 to 6.0.11, 6.1.0 to 6.1.6)
CVE-2013-7076 (Cross-site scripting (XSS) vulnerability in Extension Manager in TYPO3 ...)
+ {DSA-2834-1}
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
NOTE: https://review.typo3.org/#/c/26181/
CVE-2013-7075 (The Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31, ...)
+ {DSA-2834-1}
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
NOTE: https://review.typo3.org/#/c/26175/
CVE-2013-7074 (Multiple cross-site scripting (XSS) vulnerabilities in Content Editing ...)
+ {DSA-2834-1}
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
NOTE: https://review.typo3.org/#/c/26184/
NOTE: https://review.typo3.org/#/c/26183/
NOTE: https://review.typo3.org/#/c/26177/
CVE-2013-7073 (The Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31, ...)
+ {DSA-2834-1}
- typo3-src 4.5.32+dfsg1-1 (bug #731999)
NOTE: https://review.typo3.org/#/c/26180/
CVE-2013-7072
@@ -3181,9 +3190,11 @@
RESERVED
CVE-2013-6450 [DTLS retransmission from previous session]
RESERVED
+ {DSA-2833-1}
- openssl 1.0.1e-5 (low)
[squeeze] - openssl <no-dsa> (Minor issue, limited DTLS support in 0.9.8 branch)
CVE-2013-6449 (The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before ...)
+ {DSA-2833-1}
- openssl 1.0.1e-5 (bug #732754)
[squeeze] - openssl <not-affected> (TLS 1.2 support introduced in 1.0.1)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1045363
@@ -36898,6 +36909,7 @@
RESERVED
NOT-FOR-US: Drupal module
CVE-2011-4971 (Multiple integer signedness errors in the (1) process_bin_sasl_auth, ...)
+ {DSA-2832-1}
- memcached <unfixed> (bug #706426)
NOTE: https://github.com/memcached/memcached/commit/6695ccbc525c36d693aaa3e8337b36aa0c784424
CVE-2011-4970 [Multiple SQL Injection vulnerabilities in Disk Pool Manager (DPM)]
More information about the Secure-testing-commits
mailing list