[Secure-testing-commits] r25044 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Jan 4 09:38:35 UTC 2014
Author: carnil
Date: 2014-01-04 09:38:35 +0000 (Sat, 04 Jan 2014)
New Revision: 25044
Modified:
data/CVE/list
Log:
Add fixed version for CVE-2013-4214/nagios3
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-01-03 22:34:44 UTC (rev 25043)
+++ data/CVE/list 2014-01-04 09:38:35 UTC (rev 25044)
@@ -9297,9 +9297,11 @@
- nagios-plugins <unfixed> (unimportant)
NOTE: vulnerable code present, but check_ipxping not build and installed
CVE-2013-4214 (rss-newsfeed.php in Nagios Core 3.4.4, 3.5.1, and earlier, when ...)
- - nagios3 <unfixed> (low; bug #719056)
+ - nagios3 3.5.1-1 (low; bug #719056)
[wheezy] - nagios3 <no-dsa> (Minor issue)
[squeeze] - nagios3 <not-affected> (html/rss-newsfeed.php not present)
+ NOTE: fixed by removing html/rss-newsfeed.php completely
+ NOTE: http://anonscm.debian.org/gitweb/?p=pkg-nagios/pkg-nagios3.git;a=commit;h=c88bef82308c99601732bb9517a1af5bc6928282
CVE-2013-4213 (Red Hat JBoss Enterprise Application Platform (EAP) 6.1.0 does not ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
CVE-2013-4212 (Certain getText methods in the ActionSupport controller in Apache ...)
More information about the Secure-testing-commits
mailing list