[Secure-testing-commits] r27897 - data/CVE

[Joey Hess]

Author: joeyh
Date: 2014-07-22 21:14:11 +0000 (Tue, 22 Jul 2014)
New Revision: 27897

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-07-22 20:39:29 UTC (rev 27896)
+++ data/CVE/list	2014-07-22 21:14:11 UTC (rev 27897)
@@ -1705,6 +1705,7 @@
 	- virtualbox <not-affected> (Only applies if VBox is running on Windows)
 	- virtualbox-ose <not-affected> (Only applies if VBox is running on Windows)
 CVE-2014-4260 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+	{DSA-2985-1}
 	- mysql-5.5 <unfixed> (bug #754941)
 	- mysql-5.1 <not-affected> (Only affects 5.5 and later)
 	- mariadb-5.5 5.5.38-1 (bug #754940)
@@ -1712,6 +1713,7 @@
 CVE-2014-4259
 	RESERVED
 CVE-2014-4258 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+	{DSA-2985-1}
 	- mysql-5.5 <unfixed> (bug #754941)
 	- mysql-5.1 <not-affected> (Only affects 5.5 and later)
 	- mariadb-5.5 5.5.38-1 (bug #754940)
@@ -1855,6 +1857,7 @@
 	- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
 	- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
 CVE-2014-4207 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+	{DSA-2985-1}
 	- mysql-5.5 <unfixed> (bug #754941)
 	- mysql-5.1 <not-affected> (Only affects 5.5 and later)
 	- mariadb-5.5 5.5.38-1 (bug #754940)
@@ -6179,6 +6182,7 @@
 CVE-2014-2495 (Unspecified vulnerability in the PeopleSoft Enterprise SCM Purchasing ...)
 	TODO: check
 CVE-2014-2494 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
+	{DSA-2985-1}
 	- mysql-5.5 <unfixed> (bug #754941)
 	- mysql-5.1 <not-affected> (Only affects 5.5 and later)
 	- mariadb-5.5 5.5.38-1 (bug #754940)
@@ -8773,12 +8777,12 @@
 	[squeeze] - icedove <end-of-life>
 	NOTE: http://www.mozilla.org/security/announce/2014/mfsa2014-64.html
 CVE-2014-1556 [Exploitable WebGL crash with Cesium JavaScript]
+	RESERVED
 	- iceweasel <unfixed>
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <unfixed>
 	[squeeze] - icedove <end-of-life>
 	NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-62.html
-	RESERVED
 CVE-2014-1555 [Use-after-free with FireOnStateChange event]
 	RESERVED
 	- iceweasel <unfixed>
@@ -8803,13 +8807,13 @@
 	NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-59.html
 	TODO: check, affects only Windows plattform
 CVE-2014-1550 [Use-after-free in Web Audio due to incorrect control message ordering]
+	RESERVED
 	- iceweasel <unfixed>
 	[squeeze] - iceweasel <end-of-life>
 	- icedove <unfixed>
 	[squeeze] - icedove <end-of-life>
 	NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-58.html
 	TODO: check
-	RESERVED
 CVE-2014-1549 [Buffer overflow during Web Audio buffering for playback]
 	RESERVED
 	- iceweasel <unfixed>
@@ -9335,6 +9339,7 @@
 	RESERVED
 CVE-2014-1419
 	RESERVED
+	{DSA-2984-1}
 	- acpi-support 0.142-2
 CVE-2014-1418 (Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 ...)
 	{DSA-2934-1}