[Secure-testing-commits] r25582 - data/CVE

[Moritz Muehlenhoff]

Author: jmm
Date: 2014-02-07 22:55:01 +0000 (Fri, 07 Feb 2014)
New Revision: 25582

Modified:
   data/CVE/list
Log:
no-dsa: erlang, otrs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-02-07 22:43:41 UTC (rev 25581)
+++ data/CVE/list	2014-02-07 22:55:01 UTC (rev 25582)
@@ -481,11 +481,15 @@
 	RESERVED
 	NOT-FOR-US: WordPress plugin nokia-mapsplaces
 CVE-2014-1694 (Multiple cross-site request forgery (CSRF) vulnerabilities in (1) ...)
-	- otrs2 3.3.4-1
+	- otrs2 3.3.4-1 (low)
+	[wheezy] - otrs2 <no-dsa> (Minor issue)
+	[squeeze] - otrs2 <no-dsa> (Minor issue)
 	NOTE: https://www.otrs.com/security-advisory-2014-01-csrf-issue-customer-web-interface/
 CVE-2014-1693
 	RESERVED
-	- erlang <unfixed>
+	- erlang <unfixed> (low)
+	[squeeze] - erlang <no-dsa> (Minor issue)
+	[wheezy] - erlang <no-dsa> (Minor issue)
 CVE-2014-1692 (The hash_buffer function in schnorr.c in OpenSSH through 6.4, when ...)
 	- openssh <not-affected> (J-PAKE not activated)
 CVE-2014-1691 [Possible remote code execution on horde3]
@@ -1053,7 +1057,9 @@
 CVE-2014-1472 (Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise ...)
 	NOT-FOR-US: McAfee Vulnerability Manager
 CVE-2014-1471 (SQL injection vulnerability in the StateGetStatesByType function in ...)
-	- otrs2 3.3.4-1
+	- otrs2 3.3.4-1 (low)
+	[wheezy] - otrs2 <no-dsa> (Minor issue)
+	[squeeze] - otrs2 <no-dsa> (Minor issue)
 	NOTE: https://www.otrs.com/security-advisory-2014-02-sql-injection-issue/
 CVE-2014-1470
 	RESERVED
@@ -2733,6 +2739,7 @@
 	- ffmpeg <removed>
 	NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=e74cd2f4706f71da5e9205003c1d8263b54ed3fb
 	NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=2115a3597457231a6e5c0527fe0ff8550f64b733
+        NOTE: Pending for 0.8.11
 CVE-2012-6617 (The prepare_sdp_description function in ffserver.c in FFmpeg before ...)
 	- libav <unfixed>
 	- ffmpeg <removed>