[Secure-testing-commits] r25337 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Jan 23 13:17:20 UTC 2014
Author: jmm
Date: 2014-01-23 13:17:19 +0000 (Thu, 23 Jan 2014)
New Revision: 25337
Modified:
data/CVE/list
Log:
xen N/A
mongodb no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-01-23 12:53:43 UTC (rev 25336)
+++ data/CVE/list 2014-01-23 13:17:19 UTC (rev 25337)
@@ -1,5 +1,7 @@
CVE-2014-XXXX [xen: XSA-83 Out-of-memory condition yielding memory corruption during IRQ setup]
- TODO: check
+ - xen <unfixed>
+ [squeeze] - xen <not-affected> (Only affects 4.2 and later)
+ [wheezy] - xen <not-affected> (Only affects 4.2 and later)
NOTE: http://www.openwall.com/lists/oss-security/2014/01/23/2
CVE-2014-XXXX [Possible remote code execution on horde3]
- horde3 <unfixed>
@@ -1716,6 +1718,8 @@
CVE-2012-6619 [MongoDB memory over-read via incorrect BSON object length]
RESERVED
- mongodb 1:2.4.1-1
+ [wheezy] - mongodb <no-dsa> (Workaround exists, intrusive change)
+ [squeeze] - mongodb <no-dsa> (Workaround exists, intrusive change)
NOTE: http://article.gmane.org/gmane.comp.security.oss.general/11822
NOTE: https://jira.mongodb.org/browse/SERVER-7769
CVE-2012-6618 (The av_probe_input_buffer function in libavformat/utils.c in FFmpeg ...)
More information about the Secure-testing-commits
mailing list