[Secure-testing-commits] r27974 - data/CVE
Joey Hess
joeyh at moszumanska.debian.org
Sun Jul 27 21:14:13 UTC 2014
Author: joeyh
Date: 2014-07-27 21:14:13 +0000 (Sun, 27 Jul 2014)
New Revision: 27974
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-07-27 17:38:06 UTC (rev 27973)
+++ data/CVE/list 2014-07-27 21:14:13 UTC (rev 27974)
@@ -80,14 +80,17 @@
NOTE: Only supported behind an authenticated HTTP zone
CVE-2014-5031 [file/directory does not have world read permissions for dirctory index files]
RESERVED
+ {DSA-2990-1}
- cups 1.7.4-2
NOTE: https://cups.org/str.php?L4455
CVE-2014-5030 [dissalow symlinks for directory index files]
RESERVED
+ {DSA-2990-1}
- cups 1.7.4-2
NOTE: https://cups.org/str.php?L4455
CVE-2014-5029 [Incomplete fix CVE-2014-3537]
RESERVED
+ {DSA-2990-1}
- cups 1.7.4-2
NOTE: https://cups.org/str.php?L4455
CVE-2014-5028
@@ -3502,6 +3505,7 @@
NOTE: fix relies on the new feature that introduced regex/<length> syntax, might be too intrusive for backporting.
CVE-2014-3537 [Insufficient checking leads to privilege escalation]
RESERVED
+ {DSA-2990-1}
- cups 1.7.4-1
NOTE: https://www.cups.org/str.php?L4450
CVE-2014-3536
@@ -16769,6 +16773,7 @@
CVE-2013-5706 (Multiple cross-site scripting (XSS) vulnerabilities in Coursemill ...)
NOT-FOR-US: Coursemill Learning Management System
CVE-2013-5705 (apache2/modsecurity.c in ModSecurity before 2.7.6 allows remote ...)
+ {DSA-2991-1}
- modsecurity-apache 2.7.7-1
- libapache-mod-security <removed>
NOTE: Upstream commit: https://github.com/SpiderLabs/ModSecurity/commit/f8d441cd25172fdfe5b613442fedfc0da3cc333d
More information about the Secure-testing-commits
mailing list