[Secure-testing-commits] r24945 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Sun Dec 29 10:54:50 UTC 2013
Author: jmm
Date: 2013-12-29 10:54:49 +0000 (Sun, 29 Dec 2013)
New Revision: 24945
Modified:
data/CVE/list
Log:
web2py unimportant
openssl no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-12-29 10:48:27 UTC (rev 24944)
+++ data/CVE/list 2013-12-29 10:54:49 UTC (rev 24945)
@@ -2103,9 +2103,9 @@
CVE-2013-6838
RESERVED
CVE-2013-6837 (Cross-site scripting (XSS) vulnerability in the setTimeout function in ...)
- - web2py <unfixed>
+ - web2py <unfixed> (unimportant)
NOTE: python-web2py contains /usr/share/web2py/applications/examples/static/js/jquery.prettyPhoto.js
- TODO: check
+ NOTE: Only an example code
CVE-2013-6836 (Heap-based buffer overflow in the ms_escher_get_data function in ...)
- gnumeric 1.12.9-1 (low)
[wheezy] - gnumeric <no-dsa> (Minor issue)
@@ -3044,7 +3044,8 @@
RESERVED
CVE-2013-6450 [DTLS retransmission from previous session]
RESERVED
- - openssl 1.0.1e-5
+ - openssl 1.0.1e-5 (low)
+ [squeeze] - openssl <no-dsa> (Minor issue, limited DTLS support in 0.9.8 branch)
CVE-2013-6449 [crash when using TLS 1.2]
RESERVED
- openssl 1.0.1e-5 (bug #732754)
More information about the Secure-testing-commits
mailing list