[Secure-testing-commits] r25322 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed Jan 22 06:03:06 UTC 2014


Author: carnil
Date: 2014-01-22 06:03:06 +0000 (Wed, 22 Jan 2014)
New Revision: 25322

Modified:
   data/CVE/list
Log:
Update information for CVE-2013-7301/cantata; thanks themill

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-01-22 05:21:48 UTC (rev 25321)
+++ data/CVE/list	2014-01-22 06:03:06 UTC (rev 25322)
@@ -131,7 +131,7 @@
 CVE-2013-7302
 	NOT-FOR-US: Drupal contrib
 CVE-2013-7301 [external network interface is used with no access control for reading queued music files]
-	- cantata <unfixed> (bug #736154)
+	- cantata <not-affected> (Vulnerable code introduced with 1.2.0; bug #736154)
 	NOTE: https://code.google.com/p/cantata/issues/detail?id=356
 CVE-2013-7300 [absolute path traversal vulnerability]
 	- cantata <unfixed> (bug #736154)




More information about the Secure-testing-commits mailing list