[Secure-testing-commits] r27494 - in data: . CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Fri Jun 27 11:39:47 UTC 2014
Author: jmm
Date: 2014-06-27 11:39:47 +0000 (Fri, 27 Jun 2014)
New Revision: 27494
Modified:
data/CVE/list
data/lts-needed.txt
Log:
two no-dsa, also update lts-needed.txt
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-06-27 11:33:56 UTC (rev 27493)
+++ data/CVE/list 2014-06-27 11:39:47 UTC (rev 27494)
@@ -983,7 +983,9 @@
CVE-2014-4194
RESERVED
CVE-2014-XXXX [softhsm-keyconv creates security-sensibe file world-readable]
- - softhsm <unfixed> (bug #752092)
+ - softhsm <unfixed> (low; bug #752092)
+ [squeeze] - softhsm <no-dsa> (Minor issue)
+ [wheezy] - softhsm <no-dsa> (Minor issue)
CVE-2014-XXXX [docker VMM breakout]
- docker.io 1.0.0~dfsg1-1
CVE-2014-4193 (The TLS implementation in EMC RSA BSAFE-Java Toolkits (aka Share for ...)
@@ -4436,6 +4438,7 @@
CVE-2014-2745 (Prosody before 0.9.4 does not properly restrict the processing of ...)
{DSA-2895-1}
- prosody 0.9.4-1
+ [squeeze] - prosody <no-dsa> (Minor issue)
NOTE: http://hg.prosody.im/0.9/rev/a97591d2e1ad
NOTE: http://hg.prosody.im/0.9/rev/1107d66d2ab2
CVE-2014-2744 (plugins/mod_compression.lua in (1) Prosody before 0.9.4 and (2) ...)
Modified: data/lts-needed.txt
===================================================================
--- data/lts-needed.txt 2014-06-27 11:33:56 UTC (rev 27493)
+++ data/lts-needed.txt 2014-06-27 11:39:47 UTC (rev 27494)
@@ -1,4 +1,4 @@
-A squeez-lts security update is needed for the following source packages.
+A squeeze-lts security update is needed for the following source packages.
The specific CVE IDs do not need to be listed, they can be gathered in an up-to-date manner from
https://security-tracker.debian.org/tracker/source-package/SOURCEPACKAGE
@@ -62,8 +62,6 @@
--
poppler
--
-prosody
---
python2.6 (Raphael Geissert)
--
qt4-x11
@@ -75,8 +73,6 @@
sendmail (Thorsten Alteholz)
CVE-2014-3956 (minor issue)
--
-softhsm
---
tiff (Thorsten Alteholz)
--
tomcat6
More information about the Secure-testing-commits
mailing list