[Secure-testing-commits] r25404 - in data: . CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Wed Jan 29 08:07:48 UTC 2014
Author: jmm
Date: 2014-01-29 08:07:48 +0000 (Wed, 29 Jan 2014)
New Revision: 25404
Modified:
data/CVE/list
data/dsa-needed.txt
Log:
socat, vbox no-dsa
dsa-needed for mantis and pidgin
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-01-29 07:45:03 UTC (rev 25403)
+++ data/CVE/list 2014-01-29 08:07:48 UTC (rev 25404)
@@ -2721,19 +2721,25 @@
- openjdk-6 <not-affected> (Specific to MacOS X)
- openjdk-7 <not-affected> (Specific to MacOS X)
CVE-2014-0407 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
- - virtualbox-ose <removed>
- - virtualbox <unfixed> (bug #735410)
+ - virtualbox-ose <removed> (low)
+ - virtualbox <unfixed> (low; bug #735410)
+ [squeeze] - virtualbox-ose <no-dsa> (Minor issue, limited to local DoS)
+ [wheezy] - virtualbox <no-dsa> (Minor issue, limited to local DoS)
CVE-2014-0406 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
- - virtualbox-ose <removed>
- - virtualbox <unfixed> (bug #735410)
+ - virtualbox-ose <removed> (low)
+ - virtualbox <unfixed> (low; bug #735410)
+ [squeeze] - virtualbox-ose <no-dsa> (Minor issue, limited to local DoS)
+ [wheezy] - virtualbox <no-dsa> (Minor issue, limited to local DoS)
CVE-2014-0405 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
- virtualbox-guest-additions <removed> (bug #735410)
[squeeze] - virtualbox-guest-additions <no-dsa> (Non-free not supported)
- virtualbox-guest-additions-iso <unfixed> (bug #735410)
[wheezy] - virtualbox-guest-additions-iso <no-dsa> (Non-free not supported)
CVE-2014-0404 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
- - virtualbox-ose <removed>
- - virtualbox <unfixed> (bug #735410)
+ - virtualbox-ose <removed> (low)
+ - virtualbox <unfixed> (low; bug #735410)
+ [squeeze] - virtualbox-ose <no-dsa> (Minor issue, limited to local DoS)
+ [wheezy] - virtualbox <no-dsa> (Minor issue, limited to local DoS)
CVE-2014-0403 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
@@ -4230,7 +4236,9 @@
- pidgin 2.10.8-1
CVE-2014-0019 [PROXY-CONNECT address overflow]
RESERVED
- - socat <unfixed> (bug #736993)
+ - socat <unfixed> (low; bug #736993)
+ [squeeze] - socat <no-dsa> (Minor issue)
+ [wheezy] - socat <no-dsa> (Minor issue)
CVE-2014-0018
RESERVED
NOT-FOR-US: Red Hat JBoss Enterprise Application Platform
@@ -6766,8 +6774,10 @@
- openjdk-6 <not-affected> (Only affects OpenJDK 7)
- openjdk-7 7u51-2.4.4-1
CVE-2013-5892 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
- - virtualbox-ose <removed>
- - virtualbox <unfixed> (bug #735410)
+ - virtualbox-ose <removed> (low)
+ - virtualbox <unfixed> (low; bug #735410)
+ [squeeze] - virtualbox-ose <no-dsa> (Minor issue, limited to local DoS)
+ [wheezy] - virtualbox <no-dsa> (Minor issue, limited to local DoS)
CVE-2013-5891 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
{DSA-2848-1}
- mysql-5.5 5.5.35+dfsg-1
Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt 2014-01-29 07:45:03 UTC (rev 25403)
+++ data/dsa-needed.txt 2014-01-29 08:07:48 UTC (rev 25404)
@@ -54,6 +54,8 @@
--
libxstream-java
--
+mantis
+--
mediawiki (thijs)
--
moodle/oldstable
@@ -74,7 +76,7 @@
php-openid (jmm)
--
pidgin/oldstable
- The version in squeeze is likely too outdated anyway, so end-of-life might be the better option
+ update to 2.10.8 in stable-security, end-of-life for oldstable
--
qt4-x11/oldstable
--
More information about the Secure-testing-commits
mailing list