[Secure-testing-commits] r25602 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Sat Feb 8 12:31:01 UTC 2014 

Author: jmm
Date: 2014-02-08 12:31:01 +0000 (Sat, 08 Feb 2014)
New Revision: 25602

Modified:
   data/CVE/list
Log:
mark pidgin as EOLed for oldstable


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-02-08 11:57:42 UTC (rev 25601)
+++ data/CVE/list	2014-02-08 12:31:01 UTC (rev 25602)
@@ -4808,6 +4808,7 @@
 CVE-2014-0020
 	RESERVED
 	- pidgin 2.10.8-1
+	[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
 CVE-2014-0019 (Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and ...)
 	- socat 1.7.2.3-1 (low; bug #736993)
 	[squeeze] - socat <no-dsa> (Minor issue)
@@ -5880,46 +5881,58 @@
 CVE-2013-6490
 	RESERVED
 	- pidgin 2.10.8-1
+	[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
 CVE-2013-6489
 	RESERVED
 	- pidgin 2.10.8-1
+	[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
 CVE-2013-6488
 	REJECTED
 CVE-2013-6487
 	RESERVED
 	{DSA-2852-1}
 	- pidgin 2.10.8-1
+	[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
 	- libgadu 1:1.11.3-1
 CVE-2013-6486
 	RESERVED
 	- pidgin 2.10.8-1
+	[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
 CVE-2013-6485
 	RESERVED
 	- pidgin 2.10.8-1
+	[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
 CVE-2013-6484
 	RESERVED
 	- pidgin 2.10.8-1
+	[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
 CVE-2013-6483
 	RESERVED
 	- pidgin 2.10.8-1
+	[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
 CVE-2013-6482
 	RESERVED
 	- pidgin 2.10.8-1
+	[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
 CVE-2013-6481
 	RESERVED
 	- pidgin 2.10.8-1
+	[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
 CVE-2013-6480 (Libcloud 0.12.3 through 0.13.2 does not set the scrub_data parameter ...)
 	- python-libcloud <not-affected> (affects 0.12.3 to 0.13.3)
 	NOTE: version prior to 0.12.3 don't include a DigitalOcean driver
 CVE-2013-6479
 	RESERVED
 	- pidgin 2.10.8-1
+	[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
 CVE-2013-6478
 	RESERVED
 	- pidgin 2.10.8-1
+	[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
 CVE-2013-6477
 	RESERVED
 	- pidgin 2.10.8-1
+	[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
 CVE-2013-6476
 	RESERVED
 CVE-2013-6475
@@ -22888,14 +22901,18 @@
 CVE-2013-0274 (upnp.c in libpurple in Pidgin before 2.10.7 does not properly ...)
 	- pidgin 2.10.6-3
 	NOTE: http://www.pidgin.im/news/security/?id=68
+	[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
 CVE-2013-0273 (sametime.c in the Sametime protocol plugin in libpurple in Pidgin ...)
 	- pidgin 2.10.6-3
 	NOTE: http://pidgin.im/news/security/?id=67
+	[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
 CVE-2013-0272 (Buffer overflow in http.c in the MXit protocol plugin in libpurple in ...)
 	- pidgin 2.10.6-3
 	NOTE: http://pidgin.im/news/security/?id=66
+	[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
 CVE-2013-0271 (The MXit protocol plugin in libpurple in Pidgin before 2.10.7 might ...)
 	- pidgin 2.10.6-3
+	[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
 	NOTE: http://pidgin.im/news/security/?id=65
 CVE-2013-0270 (OpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier ...)
 	- keystone 2013.1.1-2
@@ -23763,6 +23780,7 @@
 CVE-2012-6152
 	RESERVED
 	- pidgin 2.10.8-1
+	[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
 CVE-2012-6151 (Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB ...)
 	- net-snmp <unfixed> (low; bug #731625)
 	[wheezy] - net-snmp <no-dsa> (Minor issue)
@@ -34396,6 +34414,7 @@
 	[squeeze] - linux-2.6 2.6.32-46
 CVE-2012-2318 (msg.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.4 ...)
 	- pidgin 2.10.4-1
+	[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
 CVE-2012-2317 (The Debian php_crypt_revamped.patch patch for PHP 5.3.x, as used in ...)
 	- php5 5.3.6-1 (bug #581170)
 	[squeeze] - php5 5.3.3-7+squeeze4
@@ -34655,6 +34674,7 @@
 	NOT-FOR-US: Novell ZENworks Configuration Management
 CVE-2012-2214 (proxy.c in libpurple in Pidgin before 2.10.4 does not properly handle ...)
 	- pidgin 2.10.4-1
+	[squeeze] - pidgin <end-of-life> (Update not feasible, updated packages are provided through backports)
 	NOTE: http://www.pidgin.im/news/security/?id=62
 CVE-2012-2213 (** DISPUTED ** Squid 3.1.9 allows remote attackers to bypass the ...)
 	NOT-FOR-US: Disputed Squid access bypass, probably user error and minor impact anyway

More information about the Secure-testing-commits mailing list