[Secure-testing-commits] r27196 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Tue Jun 10 16:10:49 UTC 2014
Author: jmm
Date: 2014-06-10 16:10:49 +0000 (Tue, 10 Jun 2014)
New Revision: 27196
Modified:
data/CVE/list
Log:
no-dsa: json-c
nagios-nrpe unimportant
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-06-10 07:34:32 UTC (rev 27195)
+++ data/CVE/list 2014-06-10 16:10:49 UTC (rev 27196)
@@ -2492,10 +2492,8 @@
CVE-2014-2915 (Xen 4.4.x, when running on ARM systems, does not properly restrict ...)
- xen <not-affected> (Only 32-bit and 64-bit ARM systems are vulnerable from Xen 4.4 onwards)
CVE-2014-2913 (** DISPUTED ** Incomplete blacklist vulnerability in nrpe.c in Nagios ...)
- - nagios-nrpe <unfixed> (low; bug #745272)
- [wheezy] - nagios-nrpe <no-dsa> (Minor issue)
- [squeeze] - nagios-nrpe <no-dsa> (Minor issue)
- NOTE: http://seclists.org/fulldisclosure/2014/Apr/240
+ - nagios-nrpe <unfixed> (unimportant; bug #745272)
+ NOTE: This in insecure by design anyway
CVE-2014-2983 (Drupal 6.x before 6.31 and 7.x before 7.27 does not properly isolate ...)
{DSA-2914-1 DSA-2913-1}
- drupal7 7.27-1
@@ -12253,9 +12251,11 @@
- jenkins <not-affected> (Affected plugins are not shipped in Debian, bug #730457)
CVE-2013-6371 (The hash functionality in json-c before 0.12 allows context-dependent ...)
- json-c 0.11-4 (bug #744008)
+ [wheezy] - json-c <no-dsa> (Minor issue)
NOTE: https://github.com/json-c/json-c/commit/64e36901a0614bf64a19bc3396469c66dcd0b015
CVE-2013-6370 (Buffer overflow in the printbuf APIs in json-c before 0.12 allows ...)
- json-c 0.11-4 (bug #744008)
+ [wheezy] - json-c <no-dsa> (Minor issue)
NOTE: https://github.com/json-c/json-c/commit/64e36901a0614bf64a19bc3396469c66dcd0b015
CVE-2013-6369 (Stack-based buffer overflow in the jbg_dec_in function in ...)
{DSA-2900-1}
More information about the Secure-testing-commits
mailing list