[Secure-testing-commits] r30527 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Dec 4 07:16:38 UTC 2014
Author: jmm
Date: 2014-12-04 07:16:38 +0000 (Thu, 04 Dec 2014)
New Revision: 30527
Modified:
data/CVE/list
Log:
no-dsa; kexec-tools, rlpy
ruby2.1 fixed
NFU, concludes external check
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-12-04 06:13:13 UTC (rev 30526)
+++ data/CVE/list 2014-12-04 07:16:38 UTC (rev 30527)
@@ -2545,6 +2545,7 @@
NOT-FOR-US: F5 BIG-IP Analytics
CVE-2014-XXXX [unsafe use of flag file in /tmp]
- kexec-tools <unfixed> (bug #766772)
+ [jessie] - kexec-tools <no-dsa> (Minor issue)
[wheezy] - kexec-tools <no-dsa> (Minor issue)
[squeeze] - kexec-tools <not-affected> (coldreboot script not present)
CVE-2010-XXXX [insecure handling of /tmp files in debian/preinst]
@@ -10699,7 +10700,7 @@
- ruby1.9.1 <removed> (low)
[wheezy] - ruby1.9.1 <no-dsa> (Minor issue)
- ruby2.0 <removed> (low)
- - ruby2.1 <unfixed> (low)
+ - ruby2.1 2.1.3-1 (low)
NOTE: http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=46778
CVE-2014-4974 (The ESET Personal Firewall NDIS filter (EpFwNdis.sys) kernel mode ...)
NOT-FOR-US: ESET
@@ -18888,7 +18889,8 @@
NOT-FOR-US: Android Jelly Bean
CVE-2014-1938 [insecure use of /tmp]
RESERVED
- - python-rply <unfixed> (bug #737627)
+ - python-rply <unfixed> (low; bug #737627)
+ [jessie] - python-rply <no-dsa> (Minor issue)
NOTE: this CVE is for the insecure use of /tmp as followup for CVE-2014-1604
CVE-2014-1937 [insecure use of /tmp]
RESERVED
@@ -24248,6 +24250,7 @@
- mcollective 1.2.1+dfsg-2
CVE-2014-0163
RESERVED
+ NOT-FOR-US: OpenShift
CVE-2014-0162 (The Sheepdog backend in OpenStack Image Registry and Delivery Service ...)
- glance 2014.1-1
[wheezy] - glance <not-affected> (Only affects 2013.2 to 2013.2.3)
More information about the Secure-testing-commits
mailing list