[Secure-testing-commits] r27603 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Fri Jul 4 14:01:02 UTC 2014 

Author: jmm
Date: 2014-07-04 14:01:01 +0000 (Fri, 04 Jul 2014)
New Revision: 27603

Modified:
   data/CVE/list
Log:
record fixes from squeeze-lts update
mark one kernel issue as n/a for squeeze
dovecot, python-pycadf fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-07-04 11:09:34 UTC (rev 27602)
+++ data/CVE/list	2014-07-04 14:01:01 UTC (rev 27603)
@@ -477,8 +477,7 @@
 	RESERVED
 	- neutron <unfixed>
 	- ceilometer <unfixed>
-	- python-pycadf <unfixed>
-	TODO: check
+	- python-pycadf 0.5.1-1
 CVE-2014-4614
 	RESERVED
 	- piwigo <removed> (low)
@@ -1472,7 +1471,7 @@
 	NOTE: https://launchpad.net/bugs/1309195
 CVE-2014-4157 (arch/mips/include/asm/thread_info.h in the Linux kernel before 3.14.8 ...)
 	- linux 3.14.7-1 (bug #751417)
-	- linux-2.6 <removed>
+	- linux-2.6 <not-affected> (squeeze-lts only covers x86)
 CVE-2014-XXXX [Class loader vulnerability in DefaultResolver]
 	- commons-beanutils 1.9.2-1
 	NOTE: https://issues.apache.org/jira/browse/BEANUTILS-463
@@ -3324,7 +3323,7 @@
 	[squeeze] - puppet <no-dsa> (Minor issue)
 	- ruby-hiera <unfixed> (low)
 	[wheezy] - ruby-hiera <no-dsa> (Minor issue)
-	- facter <unfixed> (low)
+	- facter 2.0.1-1 (low)
 	[wheezy] - facter <no-dsa> (Minor issue)
 	[squeeze] - facter <no-dsa> (Minor issue)
 	- mcollective <unfixed> (low)
@@ -3598,6 +3597,7 @@
 	{DSA-2949-1}
 	- linux 3.14.5-1
 	- linux-2.6 <removed>
+	[squeeze] - linux-2.6 2.6.32-48squeeze7
 	NOTE: http://thread.gmane.org/gmane.linux.kernel.stable/92357
 CVE-2014-3152 (Integer underflow in the LCodeGen::PrepareKeyedOperand function in ...)
 	{DSA-2939-1}
@@ -8488,6 +8488,7 @@
 	- linux 3.12.8-1 (bug #733551)
 	- linux-2.6 <removed>
 	[wheezy] - linux 3.2.54-1
+	[squeeze] - linux-2.6 2.6.32-48squeeze7
 	NOTE: http://www.halfdog.net/Security/2013/Vm86SyscallTaskSwitchKernelPanic/
 	NOTE: http://git.kernel.org/cgit/linux/kernel/git/tip/tip.git/commit/?id=26bef1318adc1b3a530ecc807ef99346db2aa8b0
 CVE-2014-1448
@@ -14562,7 +14563,7 @@
 	NOTE: http://roundcube.net/news/2013/10/21/security-updates-095-and-087/
 	NOTE: http://trac.roundcube.net/ticket/1489382
 CVE-2013-6171 (checkpassword-reply in Dovecot before 2.2.7 performs setuid operations ...)
-	- dovecot <unfixed> (low; bug #729063)
+	- dovecot 1:2.2.9-1 (low; bug #729063)
 	[wheezy] - dovecot <no-dsa> (Minor issue)
 	[squeeze] - dovecot <no-dsa> (Minor issue)
 CVE-2013-6170 (Juniper Junos 10.0 before 10.0S28, 10.4 before 10.4R7, 11.1 before ...)

More information about the Secure-testing-commits mailing list