[Secure-testing-commits] r24885 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Dec 23 21:26:26 UTC 2013
Author: carnil
Date: 2013-12-23 21:26:26 +0000 (Mon, 23 Dec 2013)
New Revision: 24885
Modified:
data/CVE/list
Log:
Add tow CVE's for devscripts, uploaded to unstable in 2.13.9
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-12-23 21:17:53 UTC (rev 24884)
+++ data/CVE/list 2013-12-23 21:26:26 UTC (rev 24885)
@@ -791,7 +791,7 @@
CVE-2013-7086 (The message function in lib/webbynode/notify.rb in the Webbynode gem ...)
NOT-FOR-US: Ruby Gem Webbynode
CVE-2013-7085 (Uscan in devscripts 2.13.5, when USCAN_EXCLUSION is enabled, allows ...)
- - devscripts <unfixed> (bug #732006)
+ - devscripts 2.13.9 (bug #732006)
[wheezy] - devscripts <not-affected> (does not contain the vulnerable code; introduced in 2.13.5)
[squeeze] - devscripts <not-affected> (does not contain the vulnerable code; introduced in 2.13.5)
CVE-2013-7082 (Cross-site scripting (XSS) vulnerability in the errorAction method in ...)
@@ -1964,6 +1964,7 @@
RESERVED
CVE-2013-6888
RESERVED
+ - devscripts 2.13.9
CVE-2013-6887
RESERVED
- openjpeg <not-affected> (only affects 1.5, in experimental)
More information about the Secure-testing-commits
mailing list