[Secure-testing-commits] r23205 - in data: . CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Tue Aug 6 14:59:34 UTC 2013


Author: jmm
Date: 2013-08-06 14:59:34 +0000 (Tue, 06 Aug 2013)
New Revision: 23205

Modified:
   data/CVE/list
   data/dsa-needed.txt
Log:
no dsa needed for sssd, one issue n/a and the other no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-08-06 14:58:54 UTC (rev 23204)
+++ data/CVE/list	2013-08-06 14:59:34 UTC (rev 23205)
@@ -12752,9 +12752,11 @@
 	- coreutils <not-affected> (Affected patch not added to Debian package)
 	NOTE: http://www.openwall.com/lists/oss-security/2013/01/21/14
 CVE-2013-0220 (The (1) sss_autofs_cmd_getautomntent and (2) ...)
-	- sssd 1.8.4-2 (bug #698871)
+	- sssd 1.8.4-2 (low; bug #698871)
+	[squeeze] - sssd <not-affected> (autofs and ssh responders not yet present)
 CVE-2013-0219 (System Security Services Daemon (SSSD) before 1.9.4, when (1) ...)
-	- sssd 1.8.4-2 (bug #698871)
+	- sssd 1.8.4-2 (low; bug #698871)
+	[squeeze] - sssd <no-dsa> (Minor issue)
 CVE-2013-0218 (The GUI installer in JBoss Enterprise Application Platform (EAP) and ...)
 	- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
 CVE-2013-0217 (Memory leak in drivers/net/xen-netback/netback.c in the Xen netback ...)

Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt	2013-08-06 14:58:54 UTC (rev 23204)
+++ data/dsa-needed.txt	2013-08-06 14:59:34 UTC (rev 23205)
@@ -32,8 +32,6 @@
 --
 libav (ffmpeg in oldstable)
 --
-libwpd/oldstable only
---
 librack-ruby/oldstable
   Package to review was already prepared
 --
@@ -72,8 +70,6 @@
 --
 srtp (nion)
 --
-sssd/oldstable
---
 tomcat7/stable (jmm)
 --
 vlc




More information about the Secure-testing-commits mailing list