[Secure-testing-commits] r27294 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Jun 16 06:48:30 UTC 2014
Author: jmm
Date: 2014-06-16 06:48:26 +0000 (Mon, 16 Jun 2014)
New Revision: 27294
Modified:
data/CVE/list
Log:
glibc no-dsa
vlc unimportant
netty n/a
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-06-16 04:59:31 UTC (rev 27293)
+++ data/CVE/list 2014-06-16 06:48:26 UTC (rev 27294)
@@ -20,7 +20,9 @@
[wheezy] - openafs <not-affected> (Vulnerable code introduced in 1.6.8)
[squeeze] - openafs <not-affected> (Vulnerable code introduced in 1.6.8)
CVE-2014-4043 [posix_spawn_file_actions_addopen fails to copy the path argument]
- - eglibc <unfixed>
+ - eglibc <unfixed> (low)
+ [wheezy] - eglibc <no-dsa> (Minor issue)
+ [squeeze] - eglibc <no-dsa> (Minor issue)
CVE-2014-4020 [Frame metadissector crash (wnpa-sec-2014-07)]
- wireshark <unfixed>
[wheezy] - wireshark <not-affected> (Only affects 1.10.0 to 1.10.7)
@@ -1151,9 +1153,8 @@
RESERVED
CVE-2014-3488 [DoS]
RESERVED
- - netty <undetermined>
+ - netty <not-affected> (Introduced in 3.9.0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1107983 says only affects 3.9.0 and 3.9.1
- TODO: check
CVE-2014-3487
RESERVED
CVE-2014-3486
@@ -12675,10 +12676,9 @@
CVE-2013-6284 (Unspecified vulnerability in the Statutory Reporting for Insurance ...)
NOT-FOR-US: Financial Services module for SAP ERP Central Component
CVE-2013-6283 (VideoLAN VLC Media Player 2.0.8 and earlier allows remote attackers to ...)
- - vlc 2.1.0-2
+ - vlc 2.1.0-2 (unimportant)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
NOTE: User-assisted DoS for X session (freezes window manager) in 2.0.3-5
- NOTE: Potential code execution
CVE-2013-6282 (The (1) get_user and (2) put_user API functions in the Linux kernel ...)
- linux 3.6.4-1~experimental.1
- linux-2.6 <not-affected> (Introduced in 2.6.38)
More information about the Secure-testing-commits
mailing list