[Secure-testing-commits] r28411 - data/CVE

Joey Hess joeyh at moszumanska.debian.org
Thu Aug 21 09:14:14 UTC 2014 

Author: joeyh
Date: 2014-08-21 09:14:14 +0000 (Thu, 21 Aug 2014)
New Revision: 28411

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-08-21 09:07:09 UTC (rev 28410)
+++ data/CVE/list	2014-08-21 09:14:14 UTC (rev 28411)
@@ -1633,6 +1633,7 @@
 CVE-2014-4671 (Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on ...)
 	NOT-FOR-US: Adobe Flash
 CVE-2014-4670 (Use-after-free vulnerability in ext/spl/spl_dllist.c in the SPL ...)
+	{DSA-3008-1}
 	- php5 5.6.0~rc3+dfsg-1 (unimportant)
 	NOTE: exploitable by malicious scripts only
 	NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=df78c48354f376cf419d7a97f88ca07d572f00fb
@@ -4094,6 +4095,7 @@
 	- pillow 2.5.3-1
 CVE-2014-3597 [segfault in dns_get_record]
 	RESERVED
+	{DSA-3008-1}
 	- php5 <unfixed>
 	NOTE: patch: https://github.com/php/php-src/commit/2fefae47716d501aec41c1102f3fd4531f070b05#diff-d41d8cd98f00b204e9800998ecf8427e
 	NOTE: https://bugs.php.net/bug.php?id=67717
@@ -4123,6 +4125,7 @@
 	- foreman <itp> (bug #663101)
 CVE-2014-3589 [DoS in IcnsImagePlugin]
 	RESERVED
+	{DSA-3009-1}
 	- pillow 2.5.3-1 (bug #758772)
 	- python-imaging <removed>
 	NOTE: https://github.com/python-pillow/Pillow/commit/205e056f8f9b06ed7b925cf8aa0874bc4aaf8a7d
@@ -4130,6 +4133,7 @@
 	RESERVED
 CVE-2014-3587
 	RESERVED
+	{DSA-3008-1}
 	- php5 <unfixed>
 	NOTE: https://bugs.php.net/bug.php?id=67716
 	NOTE: https://github.com/php/php-src/commit/7ba1409a1aee5925180de546057ddd84ff267947
@@ -4268,6 +4272,7 @@
 CVE-2014-3539
 	RESERVED
 CVE-2014-3538 (file before 5.19 does not properly restrict the amount of data read ...)
+	{DSA-3008-1}
 	- file 1:5.19-1
 	NOTE: fix relies on the new feature that introduced regex/<length> syntax, might be too intrusive for backporting.
 	- php5 5.6.0~rc4+dfsg-1
@@ -12174,15 +12179,19 @@
 	RESERVED
 CVE-2014-0483 [data leakage via querystring manipulation in admin]
 	RESERVED
+	{DSA-3010-1}
 	- python-django 1.6.6-1
 CVE-2014-0482 [RemoteUserMiddleware session hijacking]
 	RESERVED
+	{DSA-3010-1}
 	- python-django 1.6.6-1
 CVE-2014-0481 [file upload denial of service]
 	RESERVED
+	{DSA-3010-1}
 	- python-django 1.6.6-1
 CVE-2014-0480 [reverse() can generate URLs pointing to other hosts]
 	RESERVED
+	{DSA-3010-1}
 	- python-django 1.6.6-1
 CVE-2014-0479 (reportbug before 6.4.4+deb7u1 and 6.5.x before 6.5.0+nmu1 allows ...)
 	{DSA-2997-1}

More information about the Secure-testing-commits mailing list