[Secure-testing-commits] r30752 - in data: . CVE
Raphaël Hertzog
hertzog at moszumanska.debian.org
Mon Dec 15 09:44:37 UTC 2014
Author: hertzog
Date: 2014-12-15 09:44:37 +0000 (Mon, 15 Dec 2014)
New Revision: 30752
Modified:
data/CVE/list
data/dla-needed.txt
Log:
Mark zoph issue as unimportant
The claims appear to be unfounded.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-12-15 08:43:30 UTC (rev 30751)
+++ data/CVE/list 2014-12-15 09:44:37 UTC (rev 30752)
@@ -2184,9 +2184,10 @@
CVE-2012-6663
RESERVED
CVE-2014-XXXX [zoph multiple issues]
- - zoph <removed>
+ - zoph <removed> (unimportant)
NOTE: http://seclists.org/fulldisclosure/2014/Nov/45
NOTE: https://github.com/jeroenrnl/zoph/issues/59
+ NOTE: The SQL injection and XSS claims appear to be mostly unfounded.
CVE-2014-8988 (MantisBT before 1.2.18 allows remote authenticated users to bypass the ...)
- mantis <removed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2014-12-15 08:43:30 UTC (rev 30751)
+++ data/dla-needed.txt 2014-12-15 09:44:37 UTC (rev 30752)
@@ -81,10 +81,6 @@
--
zendframework
--
-zoph
- NOTE: Has been dropped from newer releases. Should we instead mark
- it unsupported?
---
More information about the Secure-testing-commits
mailing list