[Secure-testing-commits] r25429 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Jan 30 17:55:07 UTC 2014
Author: jmm
Date: 2014-01-30 17:55:07 +0000 (Thu, 30 Jan 2014)
New Revision: 25429
Modified:
data/CVE/list
Log:
fix horde3 entry
apache no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-01-30 17:45:17 UTC (rev 25428)
+++ data/CVE/list 2014-01-30 17:55:07 UTC (rev 25429)
@@ -53,8 +53,7 @@
- openssh <not-affected> (J-PAKE not activated)
CVE-2014-1691 [Possible remote code execution on horde3]
RESERVED
- - horde3 (medium; bug #737149)
- [squeeze] - horde3 3.3.8+debian0-3
+ - horde3 <removed> (medium; bug #737149)
- php-horde-util 2.3.0-1
NOTE: https://github.com/horde/horde/commit/da6afc7e9f4e290f782eca9dbca794f772caccb3
NOTE: https://github.com/horde/horde/commit/acf67ab4a633037849aca9e4a7592465b999ad93 is also required
@@ -17324,7 +17323,9 @@
NOTE: http://git.fedorahosted.org/cgit/389/ds.git/commit/?h=389-ds-base-1.2.11&id=5a18c828533a670e7143327893f8171a19062286
NOTE: https://fedorahosted.org/389/ticket/47308
CVE-2013-1896 (mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly ...)
- - apache2 2.4.6-1 (bug #717272)
+ - apache2 2.4.6-1 (low; bug #717272)
+ [squeeze] - apache2 <no-dsa> (Minor issue)
+ [wheezy] - apache2 <no-dsa> (Minor issue)
NOTE: http://www.gossamer-threads.com/lists/apache/announce/427633
NOTE: Patch against 2.4 branch: http://svn.apache.org/viewvc?view=revision&revision=1486461
CVE-2013-1895 [concurrency issue leading to auth bypass]
More information about the Secure-testing-commits
mailing list