[Secure-testing-commits] r28080 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Aug 4 15:15:41 UTC 2014
Author: jmm
Date: 2014-08-04 15:15:41 +0000 (Mon, 04 Aug 2014)
New Revision: 28080
Modified:
data/CVE/list
Log:
xfca, ipython no-dsa
restore unimportant entry for libav issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-08-04 12:48:40 UTC (rev 28079)
+++ data/CVE/list 2014-08-04 15:15:41 UTC (rev 28080)
@@ -2,13 +2,15 @@
- libplack-perl 1.0031-1
NOTE: https://github.com/plack/Plack/issues/405
CVE-2014-XXXX [Insecure use of temporary files]
- - xcfa <unfixed> (bug #756600)
+ - xcfa <unfixed> (low; bug #756600)
+ [wheezy] - xcfa <no-dsa> (Minor issue)
CVE-2014-3528 [MD5 collision authentication leak]
RESERVED
- subversion <unfixed>
NOTE: http://mail-archives.apache.org/mod_mbox/subversion-dev/201407.mbox/%3C53DAB4A7.8030004%40reser.org%3E
CVE-2014-XXXX [Enforce use of HTTPS for MathJax in IPython]
- ipython <unfixed>
+ [wheezy] - ipython <no-dsa> (Minor issue)
[squeeze] - ipython <not-affected> (Affects versions <= 2.1 and >= 0.12)
NOTE: https://github.com/ipython/ipython/issues/6246
CVE-2014-5177 [Unsafe parsing of XML documents allows arbitrary file read]
@@ -52895,7 +52897,7 @@
- libav 4:0.8.1-1
- ffmpeg <removed>
CVE-2011-3946 (The ff_h264_decode_sei function in libavcodec/h264_sei.c in FFmpeg ...)
- - libav 6:10.3-1
+ - libav 6:10.3-1 (unimportant)
- ffmpeg <removed> (unimportant)
NOTE: Not suitable for code injection, not treated as security issue
CVE-2011-3945 (The decode_frame function in the KVG1 decoder (kgv1dec.c) in ...)
More information about the Secure-testing-commits
mailing list