[Secure-testing-commits] r25727 - data/CVE

Thu, 13 Feb 2014 06:38:24 -0800 

Author: jmm
Date: 2014-02-13 14:37:51 +0000 (Thu, 13 Feb 2014)
New Revision: 25727

Modified:
   data/CVE/list
Log:
svn no-dsa
new libv8 issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2014-02-13 12:59:56 UTC (rev 25726)
+++ data/CVE/list       2014-02-13 14:37:51 UTC (rev 25727)
@@ -293,8 +293,8 @@
        NOT-FOR-US: Dokeos
 CVE-2014-1876 [insecure temp file handling]
        RESERVED
-       - openjdk-7 <unfixed> (bug #737562)
-       - openjdk-6 <unfixed>
+       - openjdk-7 <unfixed> (low; bug #737562)
+       - openjdk-6 <unfixed> (low)
 CVE-2014-1875 [insecure use of /tmp]
        RESERVED
        - libcapture-tiny-perl 0.24-1 (bug #737835)
@@ -4968,7 +4968,9 @@
        RESERVED
 CVE-2014-0032 [mod_dav_svn crash when handling certain requests with 
SVNListParentPath on]
        RESERVED
-       - subversion <unfixed> (bug #737815)
+       - subversion <unfixed> (low; bug #737815)
+       [squeeze] - subversion <no-dsa> (Minor issue)
+       [wheezy] - subversion <no-dsa> (Minor issue)
 CVE-2014-0031 (The (1) ListNetworkACL and (2) listNetworkACLLists APIs in 
Apache ...)
        NOT-FOR-US: Apache CloudStack
 CVE-2014-0030
@@ -5054,9 +5056,9 @@
 CVE-2014-0002
        RESERVED
 CVE-2014-0001 (Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB 
before ...)
-       - mysql-5.1 <removed>
-       - mysql-5.5 <unfixed> (bug #737596)
-       - mariadb-5.5 <unfixed> (bug #737597)
+       - mysql-5.1 <removed> (low)
+       - mysql-5.5 <unfixed> (low; bug #737596)
+       - mariadb-5.5 <unfixed> (low; bug #737597)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1054592
        NOTE: 
http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64
 CVE-2013-6985 (SQL injection vulnerability in m_worklog/log_searchday.jsp in 
Enorth ...)
@@ -5666,10 +5668,12 @@
        RESERVED
 CVE-2013-6650 (The StoreBuffer::ExemptPopularPages function in store-buffer.cc 
in ...)
        - chromium-browser <unfixed>
-       TODO: check, other source packages might be affected
+       - libv8 <removed>
+       - libv8-3.14 <unfixed>
 CVE-2013-6649 (Use-after-free vulnerability in the RenderSVGImage::paint 
function in ...)
        - chromium-browser <unfixed>
-       TODO: check
+       - libv8 <removed>
+       - libv8-3.14 <unfixed>
 CVE-2013-6648
        RESERVED
 CVE-2013-6647


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to