[Secure-testing-commits] r24845 - in data: . CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Fri Dec 20 14:35:03 UTC 2013
Author: jmm
Date: 2013-12-20 14:35:03 +0000 (Fri, 20 Dec 2013)
New Revision: 24845
Modified:
data/CVE/list
data/dsa-needed.txt
Log:
jenkins bn
djvulibre DSA needed for oldstable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-12-20 10:59:47 UTC (rev 24844)
+++ data/CVE/list 2013-12-20 14:35:03 UTC (rev 24845)
@@ -4866,9 +4866,8 @@
RESERVED
CVE-2013-5573 [Default markup formatter permits offsite-bound forms]
RESERVED
- - jenkins <unfixed>
+ - jenkins <unfixed> (bug #732708)
NOTE: http://seclists.org/fulldisclosure/2013/Dec/159
- TODO: check
CVE-2013-5572 (Zabbix 2.0.5 allows remote authenticated users to discover the LDAP ...)
- zabbix <unfixed> (unimportant)
NOTE: http://seclists.org/fulldisclosure/2013/Sep/151
@@ -12482,6 +12481,7 @@
NOT-FOR-US: Spree
CVE-2012-6535 (DjVuLibre before 3.5.25.3, as used in Evince, Sumatra PDF Reader, ...)
- djvulibre 3.5.25.3-1
+ NOTE: http://sourceforge.net/p/djvu/djvulibre-git/ci/d4f0f6d37fe6a1fb427cfa33a64ead1eff32d28e/
NOTE: evince doesnt use an embedded version of this
CVE-2013-2505
RESERVED
Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt 2013-12-20 10:59:47 UTC (rev 24844)
+++ data/dsa-needed.txt 2013-12-20 14:35:03 UTC (rev 24845)
@@ -17,6 +17,8 @@
--
asterisk
--
+djvulibre/oldstable
+--
drupal6
Asked maintainers for squeeze-security targetting packages
--
More information about the Secure-testing-commits
mailing list