[Secure-testing-commits] r27327 - data/CVE

Henri Salo fgeek-guest at moszumanska.debian.org
Tue Jun 17 15:36:22 UTC 2014 

Author: fgeek-guest
Date: 2014-06-17 15:36:22 +0000 (Tue, 17 Jun 2014)
New Revision: 27327

Modified:
   data/CVE/list
Log:
old owncloud issues got CVEs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-06-17 14:43:54 UTC (rev 27326)
+++ data/CVE/list	2014-06-17 15:36:22 UTC (rev 27327)
@@ -4907,7 +4907,7 @@
 	NOTE:  owncloud advisory does not mention details for ZendFramework
 	NOTE: http://owncloud.org/about/security/advisories/oC-SA-2014-006/
 CVE-2014-2051 (ownCloud Server before 5.0.15 and 6.0.x before 6.0.2 allows remote ...)
-	TODO: check
+	- owncloud 6.0.2+dfsg-1
 CVE-2014-2050
 	RESERVED
 CVE-2014-2049 (The default Flash Cross Domain policies in ownCloud before 5.0.15 and ...)
@@ -29107,12 +29107,12 @@
 	- python-django 1.4.4-1 (bug #701186)
 	NOTE: https://www.djangoproject.com/weblog/2013/feb/19/security/
 CVE-2013-0304 (ownCloud Server before 4.5.7 does not properly check ownership of ...)
-	TODO: check
+	- owncloud 5.0.3+dfsg-1
 CVE-2013-0303 (Unspecified vulnerability in core/ajax/translations.php in ownCloud ...)
 	- owncloud 4.0.8debian-1.5 (bug #701115)
 	NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-006/
 CVE-2013-0302 (Unspecified vulnerability in ownCloud Server before 4.0.12 allows ...)
-	TODO: check
+	- owncloud 5.0.3+dfsg-1
 CVE-2013-0301 (Cross-site request forgery (CSRF) vulnerability in ...)
 	- owncloud 4.0.8debian-1.5 (bug #701115)
 	NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-004/
@@ -32588,7 +32588,7 @@
 CVE-2012-5337 (Multiple cross-site scripting (XSS) vulnerabilities in jforum.page in ...)
 	NOT-FOR-US: jForum
 CVE-2012-5336 (lib/base.php in ownCloud before 4.0.8 does not properly validate the ...)
-	TODO: check
+	- owncloud 4.0.8debian-1
 CVE-2012-5335 (Directory traversal vulnerability in Tiny Server 1.1.5 allows remote ...)
 	NOT-FOR-US: Tiny Server
 CVE-2012-5334 (SQL injection vulnerability in product_desc.php in Pre Printing Press ...)
@@ -33254,9 +33254,9 @@
 CVE-2012-5058 (Unspecified vulnerability in the Oracle iStore component in Oracle ...)
 	NOT-FOR-US: Oracle E-Business Suite
 CVE-2012-5057 (CRLF injection vulnerability in ownCloud Server before 4.0.8 allows ...)
-	TODO: check
+	- owncloud 4.0.8debian-1
 CVE-2012-5056 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud Server ...)
-	TODO: check
+	- owncloud 4.0.8debian-1
 CVE-2012-5055 (DaoAuthenticationProvider in VMware SpringSource Spring Security ...)
 	NOT-FOR-US: VMware
 CVE-2012-5054 (Integer overflow in the copyRawDataTo method in the Matrix3D class in ...)

More information about the Secure-testing-commits mailing list