[Secure-testing-commits] r27191 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Jun 10 04:38:45 UTC 2014
Author: carnil
Date: 2014-06-10 04:38:45 +0000 (Tue, 10 Jun 2014)
New Revision: 27191
Modified:
data/CVE/list
Log:
Update information for CVE-2014-0085/zookeeper
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-06-10 04:26:22 UTC (rev 27190)
+++ data/CVE/list 2014-06-10 04:38:45 UTC (rev 27191)
@@ -10393,8 +10393,9 @@
NOTE: https://github.com/richfaces/richfaces/commit/4115c103f74e7cb0af6d392e22866e52db2bc4e7
NOTE: https://issues.jboss.org/browse/RF-13250
CVE-2014-0085 (Apache Zookeeper logs cleartext admin passwords, which allows local ...)
- - zookeeper <unfixed>
- TODO: check
+ - zookeeper <unfixed> (unimportant)
+ NOTE: Zookeeper logs all keys; this issue only affects Apache Zookeeper used in conjunction with Fuse Fabric
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1067265#c7
CVE-2014-0084
RESERVED
CVE-2014-0083 [SSHA passwords generated by the net-ldap Ruby gem use a weak salt]
More information about the Secure-testing-commits
mailing list