[Secure-testing-commits] r28130 - in data: . CVE DLA

Holger Levsen holger at moszumanska.debian.org
Thu Aug 7 14:54:40 UTC 2014 

Author: holger
Date: 2014-08-07 14:54:40 +0000 (Thu, 07 Aug 2014)
New Revision: 28130

Modified:
   data/CVE/list
   data/DLA/list
   data/lts-needed.txt
Log:
munin DLA 20-1 is done

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-08-07 14:26:24 UTC (rev 28129)
+++ data/CVE/list	2014-08-07 14:54:40 UTC (rev 28130)
@@ -15600,7 +15600,7 @@
 CVE-2013-6359 (Munin::Master::Node in Munin before 2.0.18 allows remote attackers to ...)
 	{DSA-2815-1}
 	- munin 2.0.18-1
-	[squeeze] - munin <no-dsa> (Minor issue)
+	[squeeze] - munin 1.4.5-3+deb6u1
 	NOTE: http://munin-monitoring.org/ticket/1397
 CVE-2013-6358
 	RESERVED
@@ -16302,7 +16302,7 @@
 CVE-2013-6048 (The get_group_tree function in lib/Munin/Master/HTMLConfig.pm in Munin ...)
 	{DSA-2815-1}
 	- munin 2.0.18-1
-	[squeeze] - munin <no-dsa> (Minor issue)
+	[squeeze] - munin 1.4.5-3+deb6u1
 CVE-2013-6047 (Multiple cross-site scripting (XSS) vulnerabilities in the site ...)
 	- ikiwiki-hosting 0.20131025
 	[wheezy] - ikiwiki-hosting <no-dsa> (Minor XSS)
@@ -40647,7 +40647,7 @@
 	NOTE: http://www.munin-monitoring.org/ticket/1238
 CVE-2012-3512 (Munin before 2.0.6 stores plugin state files that run as root in the ...)
 	- munin 2.0.6-1 (bug #684075)
-	[squeeze] - munin <no-dsa> (Minor issue)
+	[squeeze] - munin 1.4.5-3+deb6u1
 	NOTE: http://www.munin-monitoring.org/ticket/1234
 CVE-2012-3511 (Multiple race conditions in the madvise_remove function in ...)
 	- linux 3.2.23-1

Modified: data/DLA/list
===================================================================
--- data/DLA/list	2014-08-07 14:26:24 UTC (rev 28129)
+++ data/DLA/list	2014-08-07 14:54:40 UTC (rev 28130)
@@ -1,3 +1,6 @@
+[07 Aug 2014] DLA-20-1 munin - security update
+	{CVE-2012-3512 CVE-2013-6048 CVE-2013-6359}
+	[squeeze] - munin 1.4.5-3+deb6u1
 [05 Aug 2014] DLA-30-1 acpi-support - security update
 	{CVE-2014-1419}
 	[squeeze] - acpi-support 0.137-5+deb6u1
@@ -33,7 +36,6 @@
 [26 Jul 2014] DLA-0021-1 fail2ban - security update
 	{CVE-2013-7176 CVE-2013-7177}
 	[squeeze] - fail2ban 0.8.4-3+squeeze3
-reserved DLA-0020-1 munin #679897 CVE-2013-6048 munin#1397 CVE-2012-3512 
 [29 Jul 2014] DLA-0019-1 postgresql-8.4 - new upstream minor release
 	{CVE-2014-0067}
 	[squeeze] - postgresql-8.4 8.4.22-0+deb6u1

Modified: data/lts-needed.txt
===================================================================
--- data/lts-needed.txt	2014-08-07 14:26:24 UTC (rev 28129)
+++ data/lts-needed.txt	2014-08-07 14:54:40 UTC (rev 28130)
@@ -46,8 +46,6 @@
 --
 lzo2
 --
-munin (Christoph Biedl + h01ger)
---
 nfs-utils
 --
 nspr (Thorsten Alteholz)

More information about the Secure-testing-commits mailing list