[Secure-testing-commits] r25014 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Thu Jan 2 10:05:52 UTC 2014 

Author: jmm
Date: 2014-01-02 10:05:52 +0000 (Thu, 02 Jan 2014)
New Revision: 25014

Modified:
   data/CVE/list
Log:
new python issues
mark lxc as non-issue


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-01-02 08:31:11 UTC (rev 25013)
+++ data/CVE/list	2014-01-02 10:05:52 UTC (rev 25014)
@@ -3230,8 +3230,7 @@
 	RESERVED
 CVE-2013-6441
 	RESERVED
-	- lxc <unfixed>
-	NOTE: "disputed" CVE assignement, as having root to the container allows
+	NOTE: "disputed" CVE assignment for lxc, as having root to the container allows
 	NOTE: getting root on host, if not using unprivileged containers or
 	NOTE: restricting the containers with apparmor or selinux.
 CVE-2013-6440 [XML eXternal Entity (XXE) flaw in ParserPool and Decrypter]
@@ -15484,11 +15483,36 @@
 	RESERVED
 CVE-2013-1753
 	RESERVED
+	- python2.5 <removed> (low)
+	- python2.6 <removed> (low)
+	- python2.7 <unfixed> (low)
+	- python3.1 <removed> (low)
+	- python3.2 <removed> (low)
+	- python3.3 <unfixed> (low)
+	- python3.4 <unfixed> (low)
+	[squeeze] - python2.5 <no-dsa> (Minor issue)
+	[squeeze] - python2.6 <no-dsa> (Minor issue)
+	[wheezy] - python2.6 <no-dsa> (Minor issue)
+	[wheezy] - python2.7 <no-dsa> (Minor issue)
+	[squeeze] - python3.1 <no-dsa> (Minor issue)
+	[wheezy] - python3.2 <no-dsa> (Minor issue)
 	NOTE: http://bugs.python.org/issue16043
 	NOTE: preliminary patch: http://bugs.python.org/file28796/xmlrpc_gzip_27.patch
-	TODO: check
 CVE-2013-1752
 	RESERVED
+	- python2.5 <removed> (low)
+	- python2.6 <removed> (low)
+	- python2.7 <unfixed> (low)
+	- python3.1 <removed> (low)
+	- python3.2 <removed> (low)
+	- python3.3 <unfixed> (low)
+	- python3.4 <unfixed> (low)
+	[squeeze] - python2.5 <no-dsa> (Minor issue)
+	[squeeze] - python2.6 <no-dsa> (Minor issue)
+	[wheezy] - python2.6 <no-dsa> (Minor issue)
+	[wheezy] - python2.7 <no-dsa> (Minor issue)
+	[squeeze] - python3.1 <no-dsa> (Minor issue)
+	[wheezy] - python3.2 <no-dsa> (Minor issue)
 	NOTE: http://marc.info/?l=oss-security&m=138816139322814&w=2
 CVE-2013-1751
 	RESERVED

More information about the Secure-testing-commits mailing list