[Secure-testing-commits] r25638 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Feb 10 05:34:10 UTC 2014
Author: carnil
Date: 2014-02-10 05:34:10 +0000 (Mon, 10 Feb 2014)
New Revision: 25638
Modified:
data/CVE/list
Log:
CVE assigned for hoha, itp'ed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-02-10 05:30:57 UTC (rev 25637)
+++ data/CVE/list 2014-02-10 05:34:10 UTC (rev 25638)
@@ -5,6 +5,14 @@
- python-gnupg <unfixed>
CVE-2014-1927 [Erroneous assumptions about the usability of " characters]
- python-gnupg <unfixed>
+CVE-2014-1925 [SQL injection]
+ - koha <itp> (bug #702134)
+CVE-2014-1924 [MARC framework import/export function did not require authentication]
+ - koha <itp> (bug #702134)
+CVE-2014-1923 [arbitrary file write trough edithelp.pl]
+ - koha <itp> (bug #702134)
+CVE-2014-1922 [path traversal]
+ - koha <itp> (bug #702134)
CVE-2014-1896 [XSA-86 libvchan failure handling malicious ring indexes]
- xen <unfixed>
[squeeze] - xen <not-affected> (Only affects 4.2 and later)
More information about the Secure-testing-commits
mailing list