[Secure-testing-commits] r23848 - data/CVE
Salvatore Bonaccorso
carnil at alioth.debian.org
Tue Oct 1 19:19:23 UTC 2013
Author: carnil
Date: 2013-10-01 19:19:23 +0000 (Tue, 01 Oct 2013)
New Revision: 23848
Modified:
data/CVE/list
Log:
Add fixed version for CVE-2013-4349/icedtea-web
Add the fixed version from deferred queue which will enter the archive
in some hours. Need to rebuild the packages for wheezy (1.4-3.1~deb7u1)
based on 1.4-3.1.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-10-01 16:45:29 UTC (rev 23847)
+++ data/CVE/list 2013-10-01 19:19:23 UTC (rev 23848)
@@ -3582,7 +3582,7 @@
NOTE: http://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=95ee62083cb6453e056562d91f597552021e6ae7
CVE-2013-4349 [IcedTeaScriptableJavaObject::invoke off-by-one heap-based buffer overflow]
RESERVED
- - icedtea-web <unfixed> (bug #723118)
+ - icedtea-web 1.4-3.1 (bug #723118)
NOTE: issues CVE-2012-4540 not fixed in 1.4 branch
NOTE: Patch: http://icedtea.classpath.org/hg/release/icedtea-web-1.4/rev/82e007d8b05a
CVE-2013-4348
More information about the Secure-testing-commits
mailing list