[Secure-testing-commits] r21498 - in data: CVE DSA

Mon, 04 Mar 2013 00:28:30 -0800 

Author: jmm
Date: 2013-03-04 08:28:21 +0000 (Mon, 04 Mar 2013)
New Revision: 21498

Modified:
   data/CVE/list
   data/DSA/list
Log:
new issue in ruby-openid (different srcpkg name in stable)
add two more CVE IDs fixed in recent Xen DSA
remove no-dsa for libsocialweb, got a fix
no-dsa: mantis, gambas
gambas3 was called gambas2 in stable/oldstable, mark it as removed


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2013-03-04 07:59:21 UTC (rev 21497)
+++ data/CVE/list       2013-03-04 08:28:21 UTC (rev 21498)
@@ -968,15 +968,20 @@
        [squeeze] - busybox <no-dsa> (Minor issue)
 CVE-2013-1812
        RESERVED
+       - ruby-openid <unfixed>
+       - libopenid-ruby <removed>
 CVE-2013-1811 [Reporter can change issue status to 'new']
        RESERVED
-       - mantis <unfixed> (bug #698481)
+       - mantis <unfixed> (low; bug #698481)
+       [squeeze] - mantis <no-dsa> (Minor issue)
 CVE-2013-1810 [summary.php category/project names XSS vulnerability]
        RESERVED
        - mantis <not-affected> (only affects MantisBT 1.2.12)
 CVE-2013-1809 [Gambas creates hijackable directory in /tmp]
        RESERVED
        - gambas3 <unfixed> (low; bug #702184)
+       - gambas2 <removed> 
+       [squeeze] - gambas2 <no-dsa> (Minor issue)
        NOTE: https://code.google.com/p/gambas/issues/detail?id=365
 CVE-2013-1808
        RESERVED
@@ -3056,6 +3061,7 @@
        - chromium-browser 25.0.1364.97-1
        - ffmpeg <removed>
        - libav <unfixed>
+       NOTE: Fixed in 6:9.3-1 in experimental
 CVE-2013-0893 (Race condition in Google Chrome before 25.0.1364.97 on Windows 
and ...)
        - chromium-browser 25.0.1364.97-1
 CVE-2013-0892 (Multiple unspecified vulnerabilities in the IPC layer in Google 
Chrome ...)
@@ -10552,7 +10558,6 @@
        NOTE: Konqueror not supported security-wise
 CVE-2012-4511 (services/flickr/flickr.c in libsocialweb before 0.25.21 
automatically ...)
        - libsocialweb 0.25.20-3.1 (low; bug #690675)
-       [wheezy] - libsocialweb <no-dsa> (Minor issue)
 CVE-2012-4510 (cups-pk-helper before 0.2.3 does not properly wrap the (1) 
cupsGetFile ...)
        {DSA-2562-1}
        - cups-pk-helper 0.2.3-1

Modified: data/DSA/list
===================================================================
--- data/DSA/list       2013-03-04 07:59:21 UTC (rev 21497)
+++ data/DSA/list       2013-03-04 08:28:21 UTC (rev 21498)
@@ -1,5 +1,5 @@
 [01 Mar 2013] DSA-2636-1 xen - several
-       {CVE-2012-4544 CVE-2012-5511 CVE-2012-5634 CVE-2013-0153}
+       {CVE-2012-2625 CVE-2012-4544 CVE-2012-5511 CVE-2012-5634 CVE-2012-6333 
CVE-2013-0153}
        [squeeze] - xen 4.0.1-5.7
 [01 Mar 2013] DSA-2635-1 cfingerd - buffer overflow
        {CVE-2013-1049}


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to