[Secure-testing-commits] r27898 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Jul 23 04:42:14 UTC 2014
Author: carnil
Date: 2014-07-23 04:38:40 +0000 (Wed, 23 Jul 2014)
New Revision: 27898
Modified:
data/CVE/list
Log:
Three CVEs for cups issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-07-22 21:14:11 UTC (rev 27897)
+++ data/CVE/list 2014-07-23 04:38:40 UTC (rev 27898)
@@ -2,8 +2,14 @@
- glpi <unfixed> (unimportant)
NOTE: CVE request http://www.openwall.com/lists/oss-security/2014/07/22/6
NOTE: Only supported behind an authenticated HTTP zone
-CVE-2014-XXXX [Incomplete fix CVE-2014-3537]
+CVE-2014-5031 [file/directory does not have world read permissions for dirctory index files]
- cups <unfixed>
+ NOTE: combined patch at https://cups.org/str.php?L4455
+CVE-2014-5030 [dissalow symlinks for directory index files]
+ - cups <unfixed>
+ NOTE: compbined patch at https://cups.org/str.php?L4455
+CVE-2014-5029 [Incomplete fix CVE-2014-3537]
+ - cups <unfixed>
NOTE: https://cups.org/str.php?L4455
CVE-2014-XXXX [XSS Vulnerability]
- cacti <unfixed>
More information about the Secure-testing-commits
mailing list