[Secure-testing-commits] r23095 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Fri Jul 26 05:43:15 UTC 2013
Author: jmm
Date: 2013-07-26 05:43:15 +0000 (Fri, 26 Jul 2013)
New Revision: 23095
Modified:
data/CVE/list
Log:
one remaining openjdk issue is Oracle Java only
xmonad-contrib no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-07-26 04:54:07 UTC (rev 23094)
+++ data/CVE/list 2013-07-26 05:43:15 UTC (rev 23095)
@@ -2580,7 +2580,8 @@
- openjdk-6 <not-affected> (Only affects Java 7)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
CVE-2013-3743 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
- - openjdk-6 <unfixed>
+ - openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
+ NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
- openjdk-7 <not-affected> (Only affects Java 5 and Java 6)
CVE-2013-3741
RESERVED
@@ -8850,7 +8851,9 @@
RESERVED
CVE-2013-1436 [code injection]
RESERVED
- - xmonad-contrib 0.11.2-1
+ - xmonad-contrib 0.11.2-1 (low)
+ [squeeze] - xmonad-contrib <no-dsa> (Minor issue)
+ [wheezy] - xmonad-contrib <no-dsa> (Minor issue)
CVE-2013-1435
RESERVED
CVE-2013-1434
More information about the Secure-testing-commits
mailing list