[Secure-testing-commits] r25802 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Feb 20 07:08:17 UTC 2014
Author: carnil
Date: 2014-02-20 07:08:17 +0000 (Thu, 20 Feb 2014)
New Revision: 25802
Modified:
data/CVE/list
Log:
Add comment to maradns's TODO
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-02-20 05:38:16 UTC (rev 25801)
+++ data/CVE/list 2014-02-20 07:08:17 UTC (rev 25802)
@@ -6,11 +6,11 @@
CVE-2014-2032 [missing input validation]
- maradns <unfixed>
NOTE: https://github.com/samboy/MaraDNS/commit/2cfcd2397cb8168d4aa4594839fabe88420d03c3
- TODO: check
+ TODO: check, vulnerable code present but seems Deadwood is not built
CVE-2014-2031 [logic error]
- maradns <unfixed>
NOTE: https://github.com/samboy/MaraDNS/commit/f015495d221f1c2b2f10db38e87cecf3839d6093
- TODO: check
+ TODO: check, vulnerable code present but seems Deadwood is not built
CVE-2014-2030
- imagemagick <unfixed>
NOTE: for the issue in newer imagemagick versions using "L%06ld" string.
More information about the Secure-testing-commits
mailing list