[Secure-testing-commits] r24667 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Dec 10 13:53:38 UTC 2013
Author: carnil
Date: 2013-12-10 13:53:38 +0000 (Tue, 10 Dec 2013)
New Revision: 24667
Modified:
data/CVE/list
Log:
Add entry for ack-grep
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-12-10 13:51:14 UTC (rev 24666)
+++ data/CVE/list 2013-12-10 13:53:38 UTC (rev 24667)
@@ -1,3 +1,8 @@
+CVE-2013-XXXX [potential remote code execution via per-project .ackrc files]
+ - ack-grep <unfixed> (bug #731848)
+ [wheezy] - ack-grep <not-affected> (don't support per-project .ackrc files)
+ [squeeze] - ack-grep <not-affected> (don't support per-project .ackrc files)
+ NOTE: https://github.com/petdance/ack2/issues/399
CVE-2013-7025 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
TODO: check
CVE-2013-7007
More information about the Secure-testing-commits
mailing list