[Secure-testing-commits] r30499 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Wed Dec 3 07:49:31 UTC 2014
Author: jmm
Date: 2014-12-03 07:49:31 +0000 (Wed, 03 Dec 2014)
New Revision: 30499
Modified:
data/CVE/list
Log:
two iceweasel n/a
hibernate no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-12-03 05:56:09 UTC (rev 30498)
+++ data/CVE/list 2014-12-03 07:49:31 UTC (rev 30499)
@@ -1971,8 +1971,10 @@
RESERVED
CVE-2014-8632
RESERVED
+ - iceweasel <not-affected> (Only affects Firefox 33)
CVE-2014-8631
RESERVED
+ - iceweasel <not-affected> (Only affects Firefox 33)
CVE-2014-8630
RESERVED
CVE-2014-8629 (Cross-site scripting (XSS) vulnerability in the Page visualization ...)
@@ -14218,6 +14220,7 @@
NOT-FOR-US: ovirt-engine-backend
CVE-2014-3558 (ReflectionHelper (org.hibernate.validator.util.ReflectionHelper) in ...)
- libhibernate-validator-java <unfixed> (low; bug #762690)
+ [jessie] - libhibernate-validator-java <no-dsa> (Only used as a build dependency for libhibernate3-java)
[wheezy] - libhibernate-validator-java <no-dsa> (Only used as a build dependency for libhibernate3-java)
NOTE: RedHat upgraded to new upstream versions in their security
NOTE: updates. No patches are available for the 4.0.x branch we
@@ -65582,7 +65585,8 @@
[wheezy] - bouncycastle <no-dsa> (Minor issue)
NOTE: No mitigation for bouncycastle, it is recommended to use TLS 1.1, which is supported since 1.4.9
- nss 3.13.1.with.ckbi.1.88-1
- - polarssl <unfixed>
+ - polarssl <unfixed> (unimportant)
+ NOTE: No mitigation for polarssl, it is recommended to use TLS 1.1, which is supported in all releases
- tlslite <removed>
[wheezy] - tlslite <no-dsa> (Minor issue)
CVE-2011-3388 (Opera before 11.51 allows remote attackers to cause an insecure site ...)
More information about the Secure-testing-commits
mailing list