[Secure-testing-commits] r30549 - data/CVE
Henri Salo
fgeek-guest at moszumanska.debian.org
Thu Dec 4 20:18:47 UTC 2014
Author: fgeek-guest
Date: 2014-12-04 20:18:47 +0000 (Thu, 04 Dec 2014)
New Revision: 30549
Modified:
data/CVE/list
Log:
CVE-2014-9278
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-12-04 20:16:48 UTC (rev 30548)
+++ data/CVE/list 2014-12-04 20:18:47 UTC (rev 30549)
@@ -125,6 +125,10 @@
- unrtf <unfixed>
NOTE: https://lists.gnu.org/archive/html/bug-unrtf/2014-11/msg00000.html
TODO: check
+CVE-2014-9278 [~/.k5users unexpectedly grants remote login]
+ - openssh <not-affected> (patch not applied to Debian)
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1169843
+ NOTE: Patch https://bugzilla.mindrot.org/show_bug.cgi?id=1867 from not applied in Debian
CVE-2014-9277 [<cross-domain-policy> mangling allows injection in API format=php]
- mediawiki <unfixed>
[squeeze] - mediawiki <end-of-life>
@@ -443,10 +447,6 @@
- linux 2.6.38-1
- linux-2.6 2.6.38-1
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fc3a9157d314 (v2.6.38-rc1)
-CVE-2014-XXXX [~/.k5users unexpectedly grants remote login]
- - openssh <not-affected> (patch not applied to Debian)
- NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1169843
- NOTE: Patch https://bugzilla.mindrot.org/show_bug.cgi?id=1867 from not applied in Debian
CVE-2014-9156 (The FileField module 6.x-3.x before 6.x-3.13 for Drupal does not ...)
NOT-FOR-US: Drupal module FileField
CVE-2014-9129
More information about the Secure-testing-commits
mailing list