Author: carnil
Date: 2013-02-21 19:01:55 +0000 (Thu, 21 Feb 2013)
New Revision: 21364
Modified:
data/CVE/list
Log:
add owncloud XSS vulnerabilities
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-02-21 18:51:41 UTC (rev 21363)
+++ data/CVE/list 2013-02-21 19:01:55 UTC (rev 21364)
@@ -4604,8 +4604,11 @@
- linux-2.6 <removed>
CVE-2013-0308
RESERVED
-CVE-2013-0307
+CVE-2013-0307 [XSS vulnerability]
RESERVED
+ - owncloud <unfixed>
+ NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-003/
+ TODO: report to BTS
CVE-2013-0306 [Formset denial-of-service]
RESERVED
- python-django <unfixed>
@@ -4627,10 +4630,16 @@
RESERVED
CVE-2013-0299
RESERVED
-CVE-2013-0298
+CVE-2013-0298 [XSS vulnerability]
RESERVED
-CVE-2013-0297
+ - owncloud <not-affected> (Vulnerably code not present, only affects
4.5 branch)
+ NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-003/
+ NOTE: only affecting owncloud 4.5
+CVE-2013-0297 [XSS vulnerability]
RESERVED
+ - owncloud <unfixed>
+ NOTE: http://owncloud.org/about/security/advisories/oC-SA-2013-003/
+ TODO: report to BTS
CVE-2013-0296 [creates temp files with too wide permissions]
RESERVED
- pigz <unfixed> (low; bug #700608)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
