[Secure-testing-commits] r25647 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Feb 10 10:00:28 UTC 2014
Author: jmm
Date: 2014-02-10 10:00:28 +0000 (Mon, 10 Feb 2014)
New Revision: 25647
Modified:
data/CVE/list
Log:
xen N/A
oath-toolkit no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-02-10 07:14:35 UTC (rev 25646)
+++ data/CVE/list 2014-02-10 10:00:28 UTC (rev 25647)
@@ -1,5 +1,6 @@
CVE-2013-7322 [OTP token invalidation]
- - oath-toolkit <unfixed> (bug #738515)
+ - oath-toolkit <unfixed> (low; bug #738515)
+ [wheezy] - oath-toolkit <no-dsa> (Minor issue)
NOTE: http://lists.nongnu.org/archive/html/oath-toolkit-help/2013-12/msg00000.html
NOTE: possible patch: http://lists.nongnu.org/archive/html/oath-toolkit-help/2013-12/txtUm85v7Wqcy.txt
CVE-2014-1928 [Erroneous insertion of a \ character]
@@ -25,17 +26,17 @@
[squeeze] - xen <not-affected> (Only affects 4.2 and later)
[wheezy] - xen <not-affected> (Only affects 4.2 and later)
CVE-2014-1894 [XSA-84]
- - xen <unfixed>
- TODO: check
+ - xen <not-affected> (XSM not enabled in build)
+ NOTE: Debian package not built with XSM_ENABLE, thus resulted binary packages not affected
CVE-2014-1893 [XSA-84]
- - xen <unfixed>
- TODO: check
+ - xen <not-affected> (XSM not enabled in build)
+ NOTE: Debian package not built with XSM_ENABLE, thus resulted binary packages not affected
CVE-2014-1892 [XSA-84]
- - xen <unfixed>
- TODO: check
+ - xen <not-affected> (XSM not enabled in build)
+ NOTE: Debian package not built with XSM_ENABLE, thus resulted binary packages not affected
CVE-2014-1891 [XSA-84]
- - xen <unfixed>
- TODO: check
+ - xen <not-affected> (XSM not enabled in build)
+ NOTE: Debian package not built with XSM_ENABLE, thus resulted binary packages not affected
CVE-2014-1887
NOT-FOR-US: Apache Cordova
CVE-2014-1886
More information about the Secure-testing-commits
mailing list