[Secure-testing-commits] r28425 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Aug 22 11:55:11 UTC 2014
Author: carnil
Date: 2014-08-22 11:55:11 +0000 (Fri, 22 Aug 2014)
New Revision: 28425
Modified:
data/CVE/list
Log:
Add descriptions for check-mk
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-08-22 11:48:43 UTC (rev 28424)
+++ data/CVE/list 2014-08-22 11:55:11 UTC (rev 28425)
@@ -81,16 +81,16 @@
RESERVED
CVE-2014-5341
RESERVED
-CVE-2014-5340
+CVE-2014-5340 [Code executing due to insecure input handling]
RESERVED
- check-mk <unfixed>
NOTE: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=192d41525502dc8de10ac99f57bd988450c17566
NOTE: introduces incompatible changes to older versions, see https://bugzilla.redhat.com/show_bug.cgi?id=1132337#c2
-CVE-2014-5339
+CVE-2014-5339 [Write access to config (.mk) files in arbitrary places on the filesystem]
RESERVED
- check-mk <unfixed>
NOTE: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=7998aa4d53d2fef7302c0761b9c8f47e2f626e18
-CVE-2014-5338
+CVE-2014-5338 [Reflected Cross-Site Scripting (XSS)]
RESERVED
- check-mk <not-affected> (Vulnerable code not present)
NOTE: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=4b71709456bfc2ffc27a3583f13cc2ac0e726709
More information about the Secure-testing-commits
mailing list