Author: joeyh
Date: 2013-06-07 21:14:26 +0000 (Fri, 07 Jun 2013)
New Revision: 22534
Modified: data/CVE/list Log: automatic update Modified: data/CVE/list =================================================================== --- data/CVE/list 2013-06-07 19:25:19 UTC (rev 22533) +++ data/CVE/list 2013-06-07 21:14:26 UTC (rev 22534) @@ -1,3 +1,21 @@ +CVE-2013-3970 + RESERVED +CVE-2013-3969 + RESERVED +CVE-2013-3968 + RESERVED +CVE-2013-3967 + RESERVED +CVE-2013-3966 + RESERVED +CVE-2013-3965 + RESERVED +CVE-2013-3964 + RESERVED +CVE-2013-3963 + RESERVED +CVE-2013-3962 + RESERVED CVE-2013-3961 RESERVED CVE-2013-3960 @@ -2394,12 +2412,11 @@ - chromium-browser 27.0.1453.110-1 CVE-2013-2853 RESERVED -CVE-2013-2852 - RESERVED -CVE-2013-2851 - RESERVED -CVE-2013-2850 - RESERVED +CVE-2013-2852 (Format string vulnerability in the b43_request_firmware function in ...) + TODO: check +CVE-2013-2851 (Format string vulnerability in the register_disk function in ...) + TODO: check +CVE-2013-2850 (Heap-based buffer overflow in the iscsi_add_notunderstood_response ...) - linux 3.9.4-1 - linux-2.6 <removed> CVE-2013-2849 (Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome ...) @@ -4065,17 +4082,14 @@ CVE-2013-2149 [XSS vulnerability in core/js/oc-dialogs.js] RESERVED - owncloud 4.0.16debian-1 (bug #711517) -CVE-2013-2148 [fanotify: info leak in copy_event_to_user] - RESERVED +CVE-2013-2148 (The fill_event_metadata function in fs/notify/fanotify/fanotify_user.c ...) - linux-2.6 <removed> (low) [squeeze] - linux-2.6 <not-affected> (fanotify introduced in 2.6.36) - linux <unfixed> (low) -CVE-2013-2147 [pqarray/c: info leak in ida_locked_ioctl()] - RESERVED +CVE-2013-2147 (The HP Smart Array controller disk-array driver and Compaq SMART2 ...) - linux-2.6 <removed> (low) - linux <unfixed> (low) -CVE-2013-2146 [perf DoS] - RESERVED +CVE-2013-2146 (arch/x86/kernel/cpu/perf_event_intel.c in the Linux kernel before ...) - linux-2.6 <removed> - linux 3.9.4-1 CVE-2013-2145 [arbitrary code execution when verifying SIGNATURE] 
@@ -4090,8 +4104,7 @@ - libimobiledevice <unfixed> (low; bug #710885) [squeeze] - libimobiledevice <no-dsa> (Minor issue) [wheezy] - libimobiledevice <no-dsa> (Minor issue) -CVE-2013-2141 [kernel info leak in tkill/tgkill] - RESERVED +CVE-2013-2141 (The do_tkill function in kernel/signal.c in the Linux kernel before ...) - linux-2.6 <removed> - linux 3.9.4-1 CVE-2013-2140 [xen/blkback: Check device permissions before allowing OP_DISCARD] @@ -4135,8 +4148,7 @@ [wheezy] - znc <not-affected> (Vulnerable code not present) CVE-2013-2129 RESERVED -CVE-2013-2128 - RESERVED +CVE-2013-2128 (The tcp_read_sock function in net/ipv4/tcp.c in the Linux kernel ...) - linux-2.6 <removed> - linux 2.6.35-1~experimental.1 NOTE: https://git.kernel.org/linus/baff42ab1494528907bf4d5870359e31711746ae @@ -4893,8 +4905,7 @@ RESERVED - mantis <not-affected> (affects only Mantis 1.2.12 and later) NOTE: http://www.openwall.com/lists/oss-security/2013/04/04/8 -CVE-2013-1929 [tg3 VPD firmware -> driver injection] - RESERVED +CVE-2013-1929 (Heap-based buffer overflow in the tg3_read_vpd function in ...) {DSA-2669-1 DSA-2668-1} - linux 3.8.11-1 - linux-2.6 <removed> @@ -27914,8 +27925,7 @@ [lenny] - rocksndiamonds <no-dsa> (Contrib not supported) CVE-2011-4605 (The (1) JNDI service, (2) HA-JNDI service, and (3) HAJNDIFactory ...) - jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226) -CVE-2011-4604 [http://seclists.org/oss-sec/2011/q4/496] - RESERVED +CVE-2011-4604 (The bat_socket_read function in net/batman-adv/icmp_socket.c in the ...) - batmand-adv-kernelland <removed> [squeeze] - batmand-adv-kernelland <not-affected> (Vulnerable code not present) - linux-2.6 <unfixed> _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
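Review bot: In the hunk at @@ -2394,12 +2412,11 @@, CVE-2013-2852 and CVE-2013-2851 are left with only "TODO: check" and no package status line, while CVE-2013-2850 directly below them keeps "- linux 3.9.4-1" and "- linux-2.6 <removed>". The new descriptions name b43_request_firmware and register_disk, which look like kernel functions, but the text is truncated before it names the product. A follow-up should confirm the source package and replace each TODO with explicit linux and linux-2.6 status lines so these two format string issues do not sit untriaged.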
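Review bot: In the hunk at @@ -4065,17 +4082,14 @@, the working title for CVE-2013-2148 named copy_event_to_user, while the description that replaces it names fill_event_metadata in fs/notify/fanotify/fanotify_user.c, and the status lines under it are carried over unchanged. Someone should confirm that the existing triage ("- linux <unfixed> (low)", squeeze not affected because fanotify was introduced in 2.6.36) still matches the function the description now points to. CVE-2013-2148 and CVE-2013-2147 also have no NOTE line with the upstream fix, unlike CVE-2013-2128 later in this patch, so adding one would make it possible to tell when "<unfixed>" can be closed.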
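Review bot: In the hunk at @@ -27914,8 +27925,7 @@, the removed title line for CVE-2011-4604 was the entry's only pointer to the original report, "[http://seclists.org/oss-sec/2011/q4/496]", and nothing in the added lines keeps it. Suggest preserving it as "NOTE: http://seclists.org/oss-sec/2011/q4/496" under the entry, since "- linux-2.6 <unfixed>" is still open and whoever resolves it will need the thread.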