[Secure-testing-commits] r28293 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Aug 15 08:42:47 UTC 2014


Author: carnil
Date: 2014-08-15 08:42:47 +0000 (Fri, 15 Aug 2014)
New Revision: 28293

Modified:
   data/CVE/list
Log:
CVE assigned for xcfa issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-08-15 08:38:38 UTC (rev 28292)
+++ data/CVE/list	2014-08-15 08:42:47 UTC (rev 28293)
@@ -42,9 +42,12 @@
 CVE-2014-XXXX [bypass of file access restriction / information disclosure]
 	- libplack-perl 1.0031-1
 	NOTE: https://github.com/plack/Plack/issues/405
-CVE-2014-XXXX [Insecure use of temporary files]
+CVE-2014-5255 [Insecure use of temporary file related to the /tmp/get_infos_dvd.sh]
 	- xcfa <unfixed> (low; bug #756600)
 	[wheezy] - xcfa <no-dsa> (Minor issue)
+CVE-2014-5254 [Symlink following issues]
+	- xcfa <unfixed> (low; bug #756600)
+	[wheezy] - xcfa <no-dsa> (Minor issue)
 CVE-2014-XXXX [Enforce use of HTTPS for MathJax in IPython]
 	- ipython 0.12-1
 	[wheezy] - ipython <no-dsa> (Minor issue)




More information about the Secure-testing-commits mailing list