[Secure-testing-commits] r27209 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Jun 11 05:51:57 UTC 2014
Author: carnil
Date: 2014-06-11 05:51:57 +0000 (Wed, 11 Jun 2014)
New Revision: 27209
Modified:
data/CVE/list
Log:
Add notes for puppet, et. al issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-06-11 05:09:55 UTC (rev 27208)
+++ data/CVE/list 2014-06-11 05:51:57 UTC (rev 27209)
@@ -1627,6 +1627,7 @@
RESERVED
- puppet <unfixed>
NOTE: http://puppetlabs.com/security/cve/CVE-2014-3250
+ NOTE: Problem in combination with Apache 2.4
TODO: check
CVE-2014-3249
RESERVED
@@ -1639,6 +1640,7 @@
- facter <unfixed>
- mcollective <unfixed>
NOTE: http://puppetlabs.com/security/cve/cve-2014-3248
+ NOTE: problem in combination with ruby <= 1.9.1
CVE-2014-3247 (Cross-site scripting (XSS) vulnerability in Collabtive 1.2 allows ...)
- collabtive <unfixed> (bug #748828)
[wheezy] - collabtive <no-dsa> (Minor issue)
More information about the Secure-testing-commits
mailing list