[Secure-testing-commits] r28130 - in data: . CVE DLA
Holger Levsen
holger at moszumanska.debian.org
Thu Aug 7 14:54:40 UTC 2014
Author: holger
Date: 2014-08-07 14:54:40 +0000 (Thu, 07 Aug 2014)
New Revision: 28130
Modified:
data/CVE/list
data/DLA/list
data/lts-needed.txt
Log:
munin DLA 20-1 is done
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-08-07 14:26:24 UTC (rev 28129)
+++ data/CVE/list 2014-08-07 14:54:40 UTC (rev 28130)
@@ -15600,7 +15600,7 @@
CVE-2013-6359 (Munin::Master::Node in Munin before 2.0.18 allows remote attackers to ...)
{DSA-2815-1}
- munin 2.0.18-1
- [squeeze] - munin <no-dsa> (Minor issue)
+ [squeeze] - munin 1.4.5-3+deb6u1
NOTE: http://munin-monitoring.org/ticket/1397
CVE-2013-6358
RESERVED
@@ -16302,7 +16302,7 @@
CVE-2013-6048 (The get_group_tree function in lib/Munin/Master/HTMLConfig.pm in Munin ...)
{DSA-2815-1}
- munin 2.0.18-1
- [squeeze] - munin <no-dsa> (Minor issue)
+ [squeeze] - munin 1.4.5-3+deb6u1
CVE-2013-6047 (Multiple cross-site scripting (XSS) vulnerabilities in the site ...)
- ikiwiki-hosting 0.20131025
[wheezy] - ikiwiki-hosting <no-dsa> (Minor XSS)
@@ -40647,7 +40647,7 @@
NOTE: http://www.munin-monitoring.org/ticket/1238
CVE-2012-3512 (Munin before 2.0.6 stores plugin state files that run as root in the ...)
- munin 2.0.6-1 (bug #684075)
- [squeeze] - munin <no-dsa> (Minor issue)
+ [squeeze] - munin 1.4.5-3+deb6u1
NOTE: http://www.munin-monitoring.org/ticket/1234
CVE-2012-3511 (Multiple race conditions in the madvise_remove function in ...)
- linux 3.2.23-1
Modified: data/DLA/list
===================================================================
--- data/DLA/list 2014-08-07 14:26:24 UTC (rev 28129)
+++ data/DLA/list 2014-08-07 14:54:40 UTC (rev 28130)
@@ -1,3 +1,6 @@
+[07 Aug 2014] DLA-20-1 munin - security update
+ {CVE-2012-3512 CVE-2013-6048 CVE-2013-6359}
+ [squeeze] - munin 1.4.5-3+deb6u1
[05 Aug 2014] DLA-30-1 acpi-support - security update
{CVE-2014-1419}
[squeeze] - acpi-support 0.137-5+deb6u1
@@ -33,7 +36,6 @@
[26 Jul 2014] DLA-0021-1 fail2ban - security update
{CVE-2013-7176 CVE-2013-7177}
[squeeze] - fail2ban 0.8.4-3+squeeze3
-reserved DLA-0020-1 munin #679897 CVE-2013-6048 munin#1397 CVE-2012-3512
[29 Jul 2014] DLA-0019-1 postgresql-8.4 - new upstream minor release
{CVE-2014-0067}
[squeeze] - postgresql-8.4 8.4.22-0+deb6u1
Modified: data/lts-needed.txt
===================================================================
--- data/lts-needed.txt 2014-08-07 14:26:24 UTC (rev 28129)
+++ data/lts-needed.txt 2014-08-07 14:54:40 UTC (rev 28130)
@@ -46,8 +46,6 @@
--
lzo2
--
-munin (Christoph Biedl + h01ger)
---
nfs-utils
--
nspr (Thorsten Alteholz)
More information about the Secure-testing-commits
mailing list