[Secure-testing-commits] r30996 - data/CVE
Stefan Fritsch
sf at moszumanska.debian.org
Sun Dec 28 08:08:52 UTC 2014
Author: sf
Date: 2014-12-28 08:08:51 +0000 (Sun, 28 Dec 2014)
New Revision: 30996
Modified:
data/CVE/list
Log:
upcoming apache2 fix
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-12-28 07:56:55 UTC (rev 30995)
+++ data/CVE/list 2014-12-28 08:08:51 UTC (rev 30996)
@@ -15276,8 +15276,8 @@
NOT-FOR-US: Apache CXF
CVE-2014-3583 (The handle_headers function in mod_proxy_fcgi.c in the mod_proxy_fcgi ...)
- apache2 2.4.10-8 (low)
- [wheezy] - apache2 <no-dsa> (minor issue)
- [squeeze] - apache2 <no-dsa> (minor issue)
+ [wheezy] - apache2 <not-affected> (no mod_proxy_fcgi in 2.2)
+ [squeeze] - apache2 <not-affected> (no mod_proxy_fcgi in 2.2)
NOTE: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_fcgi.c?r1=1618401&r2=1638818
NOTE: Only exploitable by a malicious fcgi script.
CVE-2014-3582
@@ -29120,7 +29120,7 @@
CVE-2013-5704 (The mod_headers module in the Apache HTTP Server 2.2.22 allows remote ...)
{DLA-71-1}
- apache2 2.4.10-2 (medium)
- [wheezy] - apache2 <no-dsa> (minor issue)
+ [wheezy] - apache2 2.2.22-13+deb7u4
NOTE: http://marc.info/?l=apache-httpd-dev&m=139636309822854&w=2
CVE-2013-5703 (The DrayTek Vigor 2700 router 2.8.3 allows remote attackers to execute ...)
NOT-FOR-US: DrayTek Vigor 2700 router
More information about the Secure-testing-commits
mailing list