[Secure-testing-commits] r25379 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Mon Jan 27 18:14:43 UTC 2014 

Author: jmm
Date: 2014-01-27 18:14:43 +0000 (Mon, 27 Jan 2014)
New Revision: 25379

Modified:
   data/CVE/list
Log:
remove non security issue in binutils-h8300-hms
fixup unstable status of ganglia


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-01-27 10:19:57 UTC (rev 25378)
+++ data/CVE/list	2014-01-27 18:14:43 UTC (rev 25379)
@@ -4840,10 +4840,6 @@
 CVE-2013-6765
 	RESERVED
 	NOT-FOR-US: OpenVAS Manager (only uploaded to experimental 2.5 years ago)
-CVE-2013-XXXX [binutils-h8300-hms buffer overflow]
-	- binutils-h8300-hms <unfixed> (low; bug #729274)
-	[squeeze] - binutils-h8300-hms <no-dsa> (Minor issue)
-	[wheezy] - binutils-h8300-hms <no-dsa> (Minor issue)
 CVE-2013-XXXX [staden-io-lib buffer overflow]
 	- staden-io-lib <unfixed> (low; bug #729276)
 	[squeeze] - staden-io-lib <no-dsa> (Minor issue)
@@ -5500,6 +5496,7 @@
 	[wheezy] - ganglia <no-dsa> (Minor issue)
 	- ganglia 3.6.0-1
 	NOTE: ganglia-web and ganglia are now two separate source packages
+	NOTE: starting with 3.6.0-1 the web front is no longer built from src:ganglia so marking this version as fixed
 	NOTE: https://github.com/ganglia/ganglia-web/issues/218
 CVE-2013-6394 (Percona XtraBackup before 2.1.6 uses a constant string for the ...)
 	- percona-xtrabackup <unfixed> (bug #730544)
@@ -17600,11 +17597,11 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2013/02/24/5
 CVE-2013-1770 [XSS issues in views_view.php]
 	RESERVED
-	- ganglia <unfixed> (low; bug #700158)
+	- ganglia 3.6.0-1 (low; bug #700158)
 	[squeeze] - ganglia <no-dsa> (Minor issue)
 	[wheezy] - ganglia <no-dsa> (Minor issue)
 	- ganglia-web 3.5.8-3 (bug #700159)
-	NOTE: ganglia-web only in experimental, security-tracker does not handle experimental versions
+	NOTE: starting with 3.6.0-1 the web front is no longer built from src:ganglia so marking this version as fixed
 	NOTE: Upstream non-verified fix https://github.com/ganglia/ganglia-web/commit/552965f33bf79d41ccbec3f1f26840c8bab54ad6
 CVE-2013-1769 (A certain hashing algorithm in Telepathy Gabble 0.16.x before 0.16.5 ...)
 	- telepathy-gabble 0.16.5-1 (low; bug #702252)
@@ -22197,10 +22194,11 @@
 	NOTE: Starting with 2.3.14.1 rails is a transition package
 	NOTE: The fix for 3.2 is present in ruby-activemodel-3.2, not ruby-activerecord-3.2
 CVE-2013-0275 (Multiple cross-site scripting (XSS) vulnerabilities in Ganglia Web ...)
-	- ganglia <unfixed> (low; bug #700158)
+	- ganglia 3.6.0-1 (low; bug #700158)
 	[squeeze] - ganglia <no-dsa> (Minor issue)
 	[wheezy] - ganglia <no-dsa> (Minor issue)
 	- ganglia-web 3.5.8-3 (bug #700159)
+	NOTE: starting with 3.6.0-1 the web front is no longer built from src:ganglia so marking this version as fixed
 	NOTE: https://github.com/ganglia/ganglia-web/commit/31d348947419058c43b8dfcd062e2988abd5058e
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=892823
 CVE-2013-0274 (upnp.c in libpurple in Pidgin before 2.10.7 does not properly ...)

More information about the Secure-testing-commits mailing list