[Secure-testing-commits] r31032 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Mon Dec 29 23:50:51 UTC 2014


Author: jmm
Date: 2014-12-29 23:50:51 +0000 (Mon, 29 Dec 2014)
New Revision: 31032

Modified:
   data/CVE/list
Log:
commons-httpclient, mpg123 no-dsa
batman-adv issue n/a for wheezy/squeeze


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-12-29 21:50:02 UTC (rev 31031)
+++ data/CVE/list	2014-12-29 23:50:51 UTC (rev 31032)
@@ -1,8 +1,8 @@
 CVE-2014-XXXX [Remote crash of kernel via batman-adv module]
 	- linux <unfixed> (bug #774155)
-	- linux-2.6 <removed>
+	[wheezy] - linux <not-affected> (Introduced in 3.13)
+	- linux-2.6 <not-affected> (Introduced in 3.13)
 	NOTE: http://thread.gmane.org/gmane.linux.network/343494
-	TODO: check, might be present only from 3.13 onwards
 CVE-2014-XXXX [libsndfile: two buffer read overflows]
 	- libsndfile <unfixed> (bug #774162)
 CVE-2014-XXXX [a2p: buffer overflow]
@@ -12,12 +12,12 @@
 	NOTE: https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e
 CVE-2014-XXXX [Buffer overflow]
 	- mpg123 1.18.0-1
+	[wheezy] - mpg123 <no-dsa> (Minor issue)
 	[squeeze] - mpg123 <not-affected> (Introduced in 1.14.1)
 	NOTE: http://sourceforge.net/p/mpg123/bugs/201/
 CVE-2014-XXXX [Buffer overflow in INFO tags of riff]
 	- exiv2 <unfixed> (bug #773846)
 	NOTE: http://dev.exiv2.org/issues/1002
-	TODO: check
 CVE-2015-0551
 	RESERVED
 CVE-2015-0550
@@ -46651,6 +46651,7 @@
 	[squeeze] - axis <no-dsa> (Minor issue)
 CVE-2012-5783 (Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments ...)
 	- commons-httpclient 3.1-10.1 (bug #692442)
+	[wheezy] - commons-httpclient <no-dsa> (Minor issue)
 	[squeeze] - commons-httpclient <no-dsa> (Minor issue)
 CVE-2012-5782 (Amazon Flexible Payments Service (FPS) PHP Library does not verify ...)
 	NOT-FOR-US: Amazon Flexible Payments Service




More information about the Secure-testing-commits mailing list