[Secure-testing-commits] r30792 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Dec 17 07:26:14 UTC 2014
Author: carnil
Date: 2014-12-17 07:26:14 +0000 (Wed, 17 Dec 2014)
New Revision: 30792
Modified:
data/CVE/list
Log:
Add two new file issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-12-17 07:20:49 UTC (rev 30791)
+++ data/CVE/list 2014-12-17 07:26:14 UTC (rev 30792)
@@ -1,3 +1,13 @@
+CVE-2014-XXXX [Limit the number of ELF notes processed - DoS]
+ - file <unfixed>
+ - php5 <unfixed>
+ NOTE: Report: http://mx.gw.com/pipermail/file/2014/001653.html
+ NOTE: Fix: https://github.com/file/file/commit/ce90e05774dd77d86cfc8dfa6da57b32816841c4
+CVE-2014-XXXX [Limit string printing to 100 chars - DoS]
+ - file <unfixed>
+ - php5 <unfixed>
+ NOTE: Report: http://mx.gw.com/pipermail/file/2014/001654.html
+ NOTE: Fix: https://github.com/file/file/commit/65437cee25199dbd385fb35901bc0011e164276c
CVE-2014-XXXX [insufficient 'X-Forwarded-For' header validation]
- rabbitmq-server 3.4.1-1
NOTE: http://hg.rabbitmq.com/rabbitmq-management/rev/c3c41177a11a
More information about the Secure-testing-commits
mailing list