[Secure-testing-commits] r25017 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Jan 2 11:27:16 UTC 2014
Author: jmm
Date: 2014-01-02 11:27:16 +0000 (Thu, 02 Jan 2014)
New Revision: 25017
Modified:
data/CVE/list
Log:
mark one rails issue (src package in oldstable and transition package for later releases) not-affected
software-properties N/A in oldstable and no-dsa in stable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-01-02 10:44:41 UTC (rev 25016)
+++ data/CVE/list 2014-01-02 11:27:16 UTC (rev 25017)
@@ -7949,7 +7949,7 @@
- rails-4.0 4.0.2+dfsg-1 (bug #731290)
- ruby-actionpack-3.2 3.2.16-1 (bug #731288)
- ruby-actionpack-2.3 <not-affected> (vulnerable code not present)
- - rails 2.3.14.1
+ - rails <not-affected> (Vulnerable code not present)
NOTE: Starting with 2.3.14.1 rails is a transition package
CVE-2013-4490 [Remote code execution vulnerability in the SSH key upload feature]
RESERVED
@@ -17541,6 +17541,8 @@
NOT-FOR-US: ubuntu-system-service
CVE-2013-1061 (dbus/SoftwarePropertiesDBus.py in Software Properties 0.92.17 before ...)
- software-properties 0.92.18 (low)
+ [wheezy] - software-properties <no-dsa> (Minor issue)
+ [squeeze] - software-properties <not-affected> (Vulnerable code not present)
CVE-2013-1060 (A certain Ubuntu build procedure for perf, as distributed in the Linux ...)
NOT-FOR-US: Ubuntu packaging specific
CVE-2013-1059 (net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote ...)
More information about the Secure-testing-commits
mailing list