[Secure-testing-commits] r27184 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Jun 9 03:22:05 UTC 2014
Author: carnil
Date: 2014-06-09 03:22:05 +0000 (Mon, 09 Jun 2014)
New Revision: 27184
Modified:
data/CVE/list
Log:
Add fixed version for two samba CVEs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-06-09 00:38:44 UTC (rev 27183)
+++ data/CVE/list 2014-06-09 03:22:05 UTC (rev 27184)
@@ -9875,7 +9875,7 @@
NOTE: https://github.com/GrahamDumpleton/mod_wsgi/commit/d9d5fea585b23991f76532a9b07de7fcd3b649f4
NOTE: only when running with linux >= 2.6.0 and < 3.1.0
CVE-2014-0239 (The internal DNS server in Samba 4.x before 4.0.18 does not check the ...)
- - samba <unfixed>
+ - samba 2:4.1.8+dfsg-1 (bug #749845)
- samba4 4.0.0~beta2+dfsg1-3.2+deb7u2
[squeeze] - samba <not-affected> (AD feature not present)
[wheezy] - samba <not-affected> (AD feature not present)
@@ -10067,7 +10067,7 @@
- libvirt 1.2.4-1 (unimportant)
NOTE: no ACL mechanism in squeeze and wheezy and all access is root-equivalent
CVE-2014-0178 (Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before ...)
- - samba <unfixed> (low)
+ - samba 2:4.1.8+dfsg-1 (low)
[wheezy] - samba <no-dsa> (Minor issue)
[squeeze] - samba <not-affected> (Vulnerable code not present)
- samba4 4.0.0~beta2+dfsg1-3.2+deb7u2
More information about the Secure-testing-commits
mailing list