[Secure-testing-commits] r25084 - data/CVE
Joey Hess
joeyh at moszumanska.debian.org
Tue Jan 7 21:14:12 UTC 2014
Author: joeyh
Date: 2014-01-07 21:14:12 +0000 (Tue, 07 Jan 2014)
New Revision: 25084
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-01-07 17:23:13 UTC (rev 25083)
+++ data/CVE/list 2014-01-07 21:14:12 UTC (rev 25084)
@@ -1,3 +1,383 @@
+CVE-2014-0971
+ RESERVED
+CVE-2014-0970
+ RESERVED
+CVE-2014-0969
+ RESERVED
+CVE-2014-0968
+ RESERVED
+CVE-2014-0967
+ RESERVED
+CVE-2014-0966
+ RESERVED
+CVE-2014-0965
+ RESERVED
+CVE-2014-0964
+ RESERVED
+CVE-2014-0963
+ RESERVED
+CVE-2014-0962
+ RESERVED
+CVE-2014-0961
+ RESERVED
+CVE-2014-0960
+ RESERVED
+CVE-2014-0959
+ RESERVED
+CVE-2014-0958
+ RESERVED
+CVE-2014-0957
+ RESERVED
+CVE-2014-0956
+ RESERVED
+CVE-2014-0955
+ RESERVED
+CVE-2014-0954
+ RESERVED
+CVE-2014-0953
+ RESERVED
+CVE-2014-0952
+ RESERVED
+CVE-2014-0951
+ RESERVED
+CVE-2014-0950
+ RESERVED
+CVE-2014-0949
+ RESERVED
+CVE-2014-0948
+ RESERVED
+CVE-2014-0947
+ RESERVED
+CVE-2014-0946
+ RESERVED
+CVE-2014-0945
+ RESERVED
+CVE-2014-0944
+ RESERVED
+CVE-2014-0943
+ RESERVED
+CVE-2014-0942
+ RESERVED
+CVE-2014-0941
+ RESERVED
+CVE-2014-0940
+ RESERVED
+CVE-2014-0939
+ RESERVED
+CVE-2014-0938
+ RESERVED
+CVE-2014-0937
+ RESERVED
+CVE-2014-0936
+ RESERVED
+CVE-2014-0935
+ RESERVED
+CVE-2014-0934
+ RESERVED
+CVE-2014-0933
+ RESERVED
+CVE-2014-0932
+ RESERVED
+CVE-2014-0931
+ RESERVED
+CVE-2014-0930
+ RESERVED
+CVE-2014-0929
+ RESERVED
+CVE-2014-0928
+ RESERVED
+CVE-2014-0927
+ RESERVED
+CVE-2014-0926
+ RESERVED
+CVE-2014-0925
+ RESERVED
+CVE-2014-0924
+ RESERVED
+CVE-2014-0923
+ RESERVED
+CVE-2014-0922
+ RESERVED
+CVE-2014-0921
+ RESERVED
+CVE-2014-0920
+ RESERVED
+CVE-2014-0919
+ RESERVED
+CVE-2014-0918
+ RESERVED
+CVE-2014-0917
+ RESERVED
+CVE-2014-0916
+ RESERVED
+CVE-2014-0915
+ RESERVED
+CVE-2014-0914
+ RESERVED
+CVE-2014-0913
+ RESERVED
+CVE-2014-0912
+ RESERVED
+CVE-2014-0911
+ RESERVED
+CVE-2014-0910
+ RESERVED
+CVE-2014-0909
+ RESERVED
+CVE-2014-0908
+ RESERVED
+CVE-2014-0907
+ RESERVED
+CVE-2014-0906
+ RESERVED
+CVE-2014-0905
+ RESERVED
+CVE-2014-0904
+ RESERVED
+CVE-2014-0903
+ RESERVED
+CVE-2014-0902
+ RESERVED
+CVE-2014-0901
+ RESERVED
+CVE-2014-0900
+ RESERVED
+CVE-2014-0899
+ RESERVED
+CVE-2014-0898
+ RESERVED
+CVE-2014-0897
+ RESERVED
+CVE-2014-0896
+ RESERVED
+CVE-2014-0895
+ RESERVED
+CVE-2014-0894
+ RESERVED
+CVE-2014-0893
+ RESERVED
+CVE-2014-0892
+ RESERVED
+CVE-2014-0891
+ RESERVED
+CVE-2014-0890
+ RESERVED
+CVE-2014-0889
+ RESERVED
+CVE-2014-0888
+ RESERVED
+CVE-2014-0887
+ RESERVED
+CVE-2014-0886
+ RESERVED
+CVE-2014-0885
+ RESERVED
+CVE-2014-0884
+ RESERVED
+CVE-2014-0883
+ RESERVED
+CVE-2014-0882
+ RESERVED
+CVE-2014-0881
+ RESERVED
+CVE-2014-0880
+ RESERVED
+CVE-2014-0879
+ RESERVED
+CVE-2014-0878
+ RESERVED
+CVE-2014-0877
+ RESERVED
+CVE-2014-0876
+ RESERVED
+CVE-2014-0875
+ RESERVED
+CVE-2014-0874
+ RESERVED
+CVE-2014-0873
+ RESERVED
+CVE-2014-0872
+ RESERVED
+CVE-2014-0871
+ RESERVED
+CVE-2014-0870
+ RESERVED
+CVE-2014-0869
+ RESERVED
+CVE-2014-0868
+ RESERVED
+CVE-2014-0867
+ RESERVED
+CVE-2014-0866
+ RESERVED
+CVE-2014-0865
+ RESERVED
+CVE-2014-0864
+ RESERVED
+CVE-2014-0863
+ RESERVED
+CVE-2014-0862
+ RESERVED
+CVE-2014-0861
+ RESERVED
+CVE-2014-0860
+ RESERVED
+CVE-2014-0859
+ RESERVED
+CVE-2014-0858
+ RESERVED
+CVE-2014-0857
+ RESERVED
+CVE-2014-0856
+ RESERVED
+CVE-2014-0855
+ RESERVED
+CVE-2014-0854
+ RESERVED
+CVE-2014-0853
+ RESERVED
+CVE-2014-0852
+ RESERVED
+CVE-2014-0851
+ RESERVED
+CVE-2014-0850
+ RESERVED
+CVE-2014-0849
+ RESERVED
+CVE-2014-0848
+ RESERVED
+CVE-2014-0847
+ RESERVED
+CVE-2014-0846
+ RESERVED
+CVE-2014-0845
+ RESERVED
+CVE-2014-0844
+ RESERVED
+CVE-2014-0843
+ RESERVED
+CVE-2014-0842
+ RESERVED
+CVE-2014-0841
+ RESERVED
+CVE-2014-0840
+ RESERVED
+CVE-2014-0839
+ RESERVED
+CVE-2014-0838
+ RESERVED
+CVE-2014-0837
+ RESERVED
+CVE-2014-0836
+ RESERVED
+CVE-2014-0835
+ RESERVED
+CVE-2014-0834
+ RESERVED
+CVE-2014-0833
+ RESERVED
+CVE-2014-0832
+ RESERVED
+CVE-2014-0831
+ RESERVED
+CVE-2014-0830
+ RESERVED
+CVE-2014-0829
+ RESERVED
+CVE-2014-0828
+ RESERVED
+CVE-2014-0827
+ RESERVED
+CVE-2014-0826
+ RESERVED
+CVE-2014-0825
+ RESERVED
+CVE-2014-0824
+ RESERVED
+CVE-2014-0823
+ RESERVED
+CVE-2014-0822
+ RESERVED
+CVE-2014-0821
+ RESERVED
+CVE-2014-0820
+ RESERVED
+CVE-2014-0819
+ RESERVED
+CVE-2014-0818
+ RESERVED
+CVE-2014-0817
+ RESERVED
+CVE-2014-0816
+ RESERVED
+CVE-2014-0815
+ RESERVED
+CVE-2014-0814
+ RESERVED
+CVE-2014-0813
+ RESERVED
+CVE-2014-0812
+ RESERVED
+CVE-2014-0811
+ RESERVED
+CVE-2014-0810
+ RESERVED
+CVE-2014-0809
+ RESERVED
+CVE-2014-0808
+ RESERVED
+CVE-2014-0807
+ RESERVED
+CVE-2014-0806
+ RESERVED
+CVE-2014-0805
+ RESERVED
+CVE-2014-0804
+ RESERVED
+CVE-2014-0803
+ RESERVED
+CVE-2014-0802
+ RESERVED
+CVE-2014-0801
+ RESERVED
+CVE-2014-0800
+ RESERVED
+CVE-2014-0799
+ RESERVED
+CVE-2014-0798
+ RESERVED
+CVE-2014-0797
+ RESERVED
+CVE-2014-0796
+ RESERVED
+CVE-2014-0795
+ RESERVED
+CVE-2014-0794
+ RESERVED
+CVE-2014-0793
+ RESERVED
+CVE-2014-0792
+ RESERVED
+CVE-2014-0790
+ RESERVED
+CVE-2013-7271 (The x25_recvmsg function in net/x25/af_x25.c in the Linux kernel ...)
+ TODO: check
+CVE-2013-7270 (The packet_recvmsg function in net/packet/af_packet.c in the Linux ...)
+ TODO: check
+CVE-2013-7269 (The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel ...)
+ TODO: check
+CVE-2013-7268 (The ipx_recvmsg function in net/ipx/af_ipx.c in the Linux kernel ...)
+ TODO: check
+CVE-2013-7267 (The atalk_recvmsg function in net/appletalk/ddp.c in the Linux kernel ...)
+ TODO: check
+CVE-2013-7266 (The mISDN_sock_recvmsg function in drivers/isdn/mISDN/socket.c in the ...)
+ TODO: check
+CVE-2013-7262 (SQL injection vulnerability in the msPostGISLayerSetTimeFilter ...)
+ TODO: check
+CVE-2013-7261
+ RESERVED
+CVE-2013-7260 (Multiple stack-based buffer overflows in RealNetworks RealPlayer ...)
+ TODO: check
CVE-2014-XXXX [greeter crashes on empty username]
- lightdm-gtk-greeter <unfixed> (bug #734472)
NOTE: https://bugs.launchpad.net/lightdm-gtk-greeter/+bug/1266449
@@ -7,7 +387,7 @@
NOTE: https://github.com/ellson/graphviz/commit/7aaddf52cd98589fb0c3ab72a393f8411838438a
CVE-2013-XXXX [XSS]
- movabletype-opensource 5.2.9+dfsg-1 (bug #734304)
-CVE-2014-0791
+CVE-2014-0791 (Integer overflow in the license_read_scope_list function in ...)
- freerdp <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=998941
TODO: check
@@ -367,13 +747,13 @@
RESERVED
CVE-2014-0612
RESERVED
-CVE-2013-7265
+CVE-2013-7265 (The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel ...)
- linux-2.6 <removed> (low)
- linux 3.12.6-1 (low)
-CVE-2013-7264
+CVE-2013-7264 (The l2tp_ip_recvmsg function in net/l2tp/l2tp_ip.c in the Linux kernel ...)
- linux-2.6 <removed> (low)
- linux 3.12.6-1 (low)
-CVE-2013-7263
+CVE-2013-7263 (The Linux kernel before 3.12.4 updates certain length values before ...)
- linux-2.6 <removed> (low)
- linux 3.12.6-1 (low)
CVE-2013-7251 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
@@ -443,6 +823,7 @@
CVE-2014-0591
RESERVED
CVE-2013-7259
+ RESERVED
- neo4j-community <itp> (bug #685615)
NOTE: http://blog.diniscruz.com/2013/08/neo4j-csrf-payload-to-start-processes.html
CVE-2013-7258 (Cross-site scripting (XSS) vulnerability in web2ldap 1.1.x before ...)
@@ -2615,7 +2996,7 @@
CVE-2013-6878
RESERVED
NOT-FOR-US: MijoSearch
-CVE-2013-6877 (Heap-based buffer overflow in RealNetworks RealPlayer 16.0.2.32 and ...)
+CVE-2013-6877 (Heap-based buffer overflow in RealNetworks RealPlayer before 17.0.4.61 ...)
NOT-FOR-US: RealPlayer
CVE-2013-6876
RESERVED
@@ -3589,7 +3970,7 @@
CVE-2013-6464
RESERVED
CVE-2013-6463 [Linux kernel: net: memory leak in recvmsg handlermsg_name & msg_namelen logic]
- RESERVED
+ REJECTED
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport)
- linux 3.12.6-1
@@ -3597,6 +3978,7 @@
NOTE: included in https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4
CVE-2013-6462
RESERVED
+ {DSA-2838-1}
- libxfont 1:1.4.7-1
CVE-2013-6461 [DoS while parsing XML entities]
RESERVED
@@ -3802,7 +4184,7 @@
REJECTED
NOTE: Dublicate of CVE-2013-6858
CVE-2013-6405
- RESERVED
+ REJECTED
NOTE: rejected and split to CVE-2013-7263, CVE-2013-7264 and CVE-2013-7265
CVE-2013-6404 (Quassel core (server daemon) in Quassel IRC before 0.9.2 does not ...)
- quassel 0.9.2-1 (low)
@@ -3811,8 +4193,7 @@
NOTE: https://github.com/quassel/quassel/commit/a1a24da
CVE-2013-6403 (The admin page in ownCloud before 5.0.13 allows remote attackers to ...)
- owncloud 5.0.13+dfsg-1
-CVE-2013-6402 [hplip insecure temporary file handling in pkit.py]
- RESERVED
+CVE-2013-6402 (base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.11 ...)
{DSA-2829-1}
- hplip <unfixed> (bug #725876)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=852368
@@ -4312,11 +4693,9 @@
NOT-FOR-US: HP Service Manager WebTier and Windows Client
CVE-2013-6196 (Cross-site scripting (XSS) vulnerability in HP Autonomy Ultraseek 5 ...)
NOT-FOR-US: HP Autonomy Ultraseek
-CVE-2013-6195
- RESERVED
+CVE-2013-6195 (Unspecified vulnerability in HP Storage Data Protector 6.2X allows ...)
NOT-FOR-US: HP Data Protector
-CVE-2013-6194
- RESERVED
+CVE-2013-6194 (Unspecified vulnerability in HP Storage Data Protector 6.2X allows ...)
NOT-FOR-US: HP Data Protector
CVE-2013-6193 (Unspecified vulnerability on HP LaserJet M1522n and M2727; LaserJet ...)
NOT-FOR-US: HP Printers
@@ -5039,7 +5418,7 @@
NOT-FOR-US: Oracle Industry Applications
CVE-2013-5855
RESERVED
-CVE-2013-5854 (Unspecified vulnerability in Oracle Java SE Java SE 7u40 and earlier ...)
+CVE-2013-5854 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier and ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
CVE-2013-5853
@@ -5250,7 +5629,7 @@
- openjdk-7 7u45-2.4.3-1
CVE-2013-5779 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
NOT-FOR-US: Oracle PeopleSoft Products
-CVE-2013-5778 (Unspecified vulnerability in Oracle Java SE Java SE 7u40 and earlier, ...)
+CVE-2013-5778 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and ...)
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
CVE-2013-5777 (Unspecified vulnerability in the Java SE and JavaFX components in ...)
@@ -5262,7 +5641,7 @@
CVE-2013-5775 (Unspecified vulnerability in the Java SE and JavaFX components in ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-CVE-2013-5774 (Unspecified vulnerability in the Java SE, Java SE Embedded component ...)
+CVE-2013-5774 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and ...)
- openjdk-6 6b27-1.12.7-1
- openjdk-7 7u45-2.4.3-1
CVE-2013-5773 (Unspecified vulnerability in the Oracle Containers for J2EE component ...)
@@ -8845,6 +9224,7 @@
NOTE: according to upstream bug there will probably not be a patch for this issue
CVE-2013-4353 [TLS record tampering]
RESERVED
+ {DSA-2837-1}
- openssl 1.0.1f-1
[squeeze] - openssl <not-affected> (Only affects 1.0.1 to 1.0.1e)
CVE-2013-4352
@@ -13986,26 +14366,19 @@
NOT-FOR-US: HP
CVE-2013-2351 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.00, ...)
NOT-FOR-US: HP Network Node Manager
-CVE-2013-2350
- RESERVED
+CVE-2013-2350 (Unspecified vulnerability in HP Storage Data Protector 6.2X allows ...)
NOT-FOR-US: Data Protector
-CVE-2013-2349
- RESERVED
+CVE-2013-2349 (Unspecified vulnerability in HP Storage Data Protector 6.2X allows ...)
NOT-FOR-US: Data Protector
-CVE-2013-2348
- RESERVED
+CVE-2013-2348 (Unspecified vulnerability in HP Storage Data Protector 6.2X allows ...)
NOT-FOR-US: Data Protector
-CVE-2013-2347
- RESERVED
+CVE-2013-2347 (Unspecified vulnerability in HP Storage Data Protector 6.2X allows ...)
NOT-FOR-US: Data Protector
-CVE-2013-2346
- RESERVED
+CVE-2013-2346 (Unspecified vulnerability in HP Storage Data Protector 6.2X allows ...)
NOT-FOR-US: Data Protector
-CVE-2013-2345
- RESERVED
+CVE-2013-2345 (Unspecified vulnerability in HP Storage Data Protector 6.2X allows ...)
NOT-FOR-US: Data Protector
-CVE-2013-2344
- RESERVED
+CVE-2013-2344 (Unspecified vulnerability in HP Storage Data Protector 6.2X allows ...)
NOT-FOR-US: Data Protector
CVE-2013-2343 (Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance ...)
NOT-FOR-US: HP
@@ -30351,11 +30724,9 @@
CVE-2012-2900 (Skia, as used in Google Chrome before 22.0.1229.92, does not properly ...)
- chromium-browser 22.0.1229.94~r161065-1
[squeeze] - chromium-browser <end-of-life>
-CVE-2012-2899
- RESERVED
+CVE-2012-2899 (Google Chrome before 21.0.1180.82 on iOS makes certain incorrect calls ...)
- chromium-browser <not-affected> (iOS-specific)
-CVE-2012-2898
- RESERVED
+CVE-2012-2898 (Google Chrome before 21.0.1180.82 on iOS on iPad devices allows remote ...)
- chromium-browser <not-affected> (iOS-specific)
CVE-2012-2897 (The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows ...)
- chromium-browser <not-affected> (Windows-specific)
More information about the Secure-testing-commits
mailing list