[Secure-testing-commits] r25382 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Jan 27 20:03:34 UTC 2014
Author: carnil
Date: 2014-01-27 20:03:34 +0000 (Mon, 27 Jan 2014)
New Revision: 25382
Modified:
data/CVE/list
Log:
Add CVE-2014-1474 entry
Does not affect request-tracker4 as currently in any suite of Debian, as
only 4.2.x will depend on Email::Address::List.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-01-27 19:20:47 UTC (rev 25381)
+++ data/CVE/list 2014-01-27 20:03:34 UTC (rev 25382)
@@ -328,6 +328,9 @@
RESERVED
CVE-2014-1474
RESERVED
+ - request-tracker4 <not-affected> (Only 4.2.0 to 4.2.2 inclusive have the dependency to Email::Address::List)
+ - libemail-address-list-perl <unfixed>
+ NOTE: http://lists.bestpractical.com/pipermail/rt-announce/2014-January/000245.html
CVE-2013-7305 (fpw.php in e107 through 1.0.4 does not check the user_ban field, which ...)
TODO: check
CVE-2013-7304 (Check Point Endpoint Security MI Server through R73 3.0.0 HFA2.5 does ...)
More information about the Secure-testing-commits
mailing list