[Secure-testing-commits] r25805 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Feb 20 13:47:09 UTC 2014
Author: jmm
Date: 2014-02-20 13:47:09 +0000 (Thu, 20 Feb 2014)
New Revision: 25805
Modified:
data/CVE/list
Log:
openswan, maradns n/a
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-02-20 09:19:03 UTC (rev 25804)
+++ data/CVE/list 2014-02-20 13:47:09 UTC (rev 25805)
@@ -2,15 +2,13 @@
- percona-toolkit <unfixed>
TODO: check and report to BTS
CVE-2014-2037 [incomplete fix for CVE-2013-6466 DoS in openSwan]
- - openswan <unfixed>
+ - openswan <not-affected> (Incomplete fix was never applied)
CVE-2014-2032 [missing input validation]
- - maradns <unfixed>
+ - maradns <not-affected> (Deadwood resolver not enabled)
NOTE: https://github.com/samboy/MaraDNS/commit/2cfcd2397cb8168d4aa4594839fabe88420d03c3
- TODO: check, vulnerable code present but seems Deadwood is not built
CVE-2014-2031 [logic error]
- - maradns <unfixed>
+ - maradns <not-affected> (Deadwood resolver not enabled)
NOTE: https://github.com/samboy/MaraDNS/commit/f015495d221f1c2b2f10db38e87cecf3839d6093
- TODO: check, vulnerable code present but seems Deadwood is not built
CVE-2014-2030
- imagemagick <unfixed>
NOTE: for the issue in newer imagemagick versions using "L%06ld" string.
More information about the Secure-testing-commits
mailing list