[Secure-testing-commits] r27368 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Jun 20 05:17:56 UTC 2014


Author: carnil
Date: 2014-06-20 05:17:55 +0000 (Fri, 20 Jun 2014)
New Revision: 27368

Modified:
   data/CVE/list
Log:
Adjust CVE assignments for cups-filters

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-06-20 05:17:24 UTC (rev 27367)
+++ data/CVE/list	2014-06-20 05:17:55 UTC (rev 27368)
@@ -2780,12 +2780,15 @@
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1085618
 	NOTE: https://github.com/miniupnp/miniupnp/commit/3a87aa2f10bd7f1408e1849bdb59c41dd63a9fe9
 	NOTE: http://www.openwall.com/lists/oss-security/2014/04/30/3
-CVE-2014-4336 [handle BrowseAllow directive securely]
+CVE-2014-4338 [handle BrowseAllow directive securely]
 	- cups-filters 1.0.53-1
 	[wheezy] - cups-filters <not-affected> (vulnerable code not present)
 	NOTE: http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7195
-CVE-2014-XXXX [incomplete fix for CVE-2014-2707]
+CVE-2014-4337 [OOB accesses in the process_browse_data function when reading the packet variable]
 	- cups-filters 1.0.53-1
+	TODO: check wheezy
+CVE-2014-4336 [incomplete fix for CVE-2014-2707]
+	- cups-filters 1.0.53-1
 	[wheezy] - cups-filters <not-affected> (vulnerable code not present)
 	NOTE: incomplete fix was applied
 	NOTE: http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7194




More information about the Secure-testing-commits mailing list