[Secure-testing-commits] r26251 - data/CVE
Raphael Geissert
atomo64-guest at moszumanska.debian.org
Wed Mar 26 08:48:16 UTC 2014
Author: atomo64-guest
Date: 2014-03-26 08:48:16 +0000 (Wed, 26 Mar 2014)
New Revision: 26251
Modified:
data/CVE/list
Log:
owncloud, vlc, puppet enterprise
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-03-26 07:19:46 UTC (rev 26250)
+++ data/CVE/list 2014-03-26 08:48:16 UTC (rev 26251)
@@ -275,12 +275,16 @@
CVE-2014-2498
RESERVED
CVE-2013-7344 (Unspecified vulnerability in core/settings.php in ownCloud before ...)
+ - owncloud <unfixed>
TODO: check
CVE-2013-7343 (Cross-site scripting (XSS) vulnerability in flowplayer.swf in the ...)
TODO: check
+ NOTE: moodle?
CVE-2013-7342 (Cross-site scripting (XSS) vulnerability in flowplayer.swf in the ...)
TODO: check
+ NOTE: moodle?
CVE-2013-7340 (VideoLAN VLC Media Player before 2.0.7 allows remote attackers to ...)
+ - vlc <unfixed>
TODO: check
CVE-2013-7337
RESERVED
@@ -1452,10 +1456,12 @@
CVE-2014-2050
RESERVED
CVE-2014-2049 (The default Flash Cross Domain policies in ownCloud before 5.0.15 and ...)
+ - owncloud <unfixed>
TODO: check
CVE-2014-2048
RESERVED
CVE-2014-2047 (Session fixation vulnerability in ownCloud before 6.0.2, when PHP is ...)
+ - owncloud <unfixed>
TODO: check
CVE-2014-2046
RESERVED
@@ -2256,7 +2262,7 @@
CVE-2014-1762
RESERVED
CVE-2014-1761 (Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 ...)
- TODO: check
+ NOT-FOR-US: Microsoft Word
CVE-2014-1760
RESERVED
CVE-2014-1759
@@ -11804,7 +11810,7 @@
CVE-2013-4966 (The master external node classification script in Puppet Enterprise ...)
- puppet <not-affected> (Only affects Puppet Enterprise)
CVE-2013-4965 (Puppet Enterprise before 3.1.0 does not properly restrict the number ...)
- NOT-FOR-US: Puppet Enterprise
+ - puppet <not-affected> (Only affects Puppet Enterprise)
CVE-2013-4964 (Puppet Enterprise before 3.0.1 does not set the secure flag for the ...)
- puppet <not-affected> (Only affects Puppet Enterprise)
CVE-2013-4963 (Multiple cross-site request forgery (CSRF) vulnerabilities in Puppet ...)
@@ -21970,9 +21976,9 @@
RESERVED
- haskell-tls-extra 0.4.6.1-1 (bug #698545)
CVE-2013-1399 (Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) ...)
- TODO: check
+ - puppet <not-affected> (Only affects Puppet Enterprise)
CVE-2013-1398 (The pe_mcollective module in Puppet Enterprise (PE) before 2.7.1 does ...)
- TODO: check
+ - puppet <not-affected> (Only affects Puppet Enterprise)
CVE-2013-1397
RESERVED
CVE-2013-1396
@@ -28954,7 +28960,7 @@
CVE-2012-5160
RESERVED
CVE-2012-5158 (Puppet Enterprise (PE) before 2.6.1 does not properly invalidate ...)
- TODO: check
+ - puppet <not-affected> (Only affects Puppet Enterprise)
CVE-2012-5157 (Google Chrome before 24.0.1312.52 does not properly handle image data ...)
- chromium-browser <not-affected> (PDF functionality not available in Chromium)
CVE-2012-5156 (Use-after-free vulnerability in Google Chrome before 24.0.1312.52 ...)
@@ -40123,7 +40129,7 @@
CVE-2012-0892
RESERVED
CVE-2012-0891 (Multiple cross-site scripting (XSS) vulnerabilities in Puppet ...)
- TODO: check
+ NOT-FOR-US: puppet-dashboard
CVE-2012-0890
RESERVED
CVE-2012-0889
More information about the Secure-testing-commits
mailing list