[Secure-testing-commits] r24658 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Dec 10 05:41:32 UTC 2013
Author: carnil
Date: 2013-12-10 05:41:32 +0000 (Tue, 10 Dec 2013)
New Revision: 24658
Modified:
data/CVE/list
Log:
CVE assigned for libmicrohttpd
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-12-10 05:37:47 UTC (rev 24657)
+++ data/CVE/list 2013-12-10 05:41:32 UTC (rev 24658)
@@ -16,12 +16,6 @@
RESERVED
CVE-2013-XXXX [password hashes aren't compared case-sensitively]
- pam <unfixed> (bug #731368)
-CVE-2013-XXXX [out-of-bounds read in MHD_http_unescape()]
- - libmicrohttpd <unfixed>
- NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1039384
-CVE-2013-XXXX [stack overflow in MHD_digest_auth_check()]
- - libmicrohttpd <unfixed>
- NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1039390
CVE-2014-0365
RESERVED
CVE-2014-0364
@@ -102,6 +96,12 @@
RESERVED
CVE-2014-0326
RESERVED
+CVE-2013-7039 [stack overflow in MHD_digest_auth_check()]
+ - libmicrohttpd <unfixed>
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1039390
+CVE-2013-7038 [out-of-bounds read in MHD_http_unescape()]
+ - libmicrohttpd <unfixed>
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1039384
CVE-2013-7024 (The jpeg2000_decode_tile function in libavcodec/jpeg2000dec.c in ...)
- ffmpeg <not-affected> (Vulnerable code not present)
- libav <not-affected> (Vulnerable code not present)
More information about the Secure-testing-commits
mailing list