[Secure-testing-commits] r25381 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Mon Jan 27 19:20:48 UTC 2014


Author: carnil
Date: 2014-01-27 19:20:47 +0000 (Mon, 27 Jan 2014)
New Revision: 25381

Modified:
   data/CVE/list
Log:
CVE-2014-1624 does not affect pyxdg in squeeze and wheezy

The get_runtime_dir function was added only in versions later than 0.19
in wheezy and squeeze.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-01-27 19:01:35 UTC (rev 25380)
+++ data/CVE/list	2014-01-27 19:20:47 UTC (rev 25381)
@@ -391,8 +391,8 @@
 CVE-2014-1624 [insecure use of /tmp]
 	RESERVED
 	- pyxdg 0.25-4 (low; bug #736247)
-	[squeeze] - pyxdg <no-dsa> (Minor issue)
-	[wheezy] - pyxdg <no-dsa> (Minor issue)
+	[squeeze] - pyxdg <not-affected> (get_runtime_dir introduced in later version)
+	[wheezy] - pyxdg <not-affected> (get_runtime_dir introduced in later version)
 CVE-2014-1611
 	RESERVED
 	NOT-FOR-US: Drupal contrib




More information about the Secure-testing-commits mailing list