[Secure-testing-commits] r25939 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Mar 3 08:24:06 UTC 2014
Author: jmm
Date: 2014-03-03 08:24:06 +0000 (Mon, 03 Mar 2014)
New Revision: 25939
Modified:
data/CVE/list
Log:
filed bugs for libpng an mojarra
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-03-03 07:50:21 UTC (rev 25938)
+++ data/CVE/list 2014-03-03 08:24:06 UTC (rev 25939)
@@ -4512,6 +4512,7 @@
CVE-2014-0333 [denial of service via png_push_read_chunk()]
RESERVED
- libpng <not-affected> (Only affects libpng 1.6.0 through 1.6.9)
+ NOTE: Filed #740585 for src:libpng1.6 in experimental
CVE-2014-0332 (Cross-site scripting (XSS) vulnerability in mainPage in Dell SonicWALL ...)
NOT-FOR-US: Dell SonicWALL GMS
CVE-2014-0331
@@ -8237,10 +8238,9 @@
NOT-FOR-US: Oracle Industry Applications
CVE-2013-5855
RESERVED
- - mojarra <unfixed>
+ - mojarra <unfixed> (bug #740586)
NOTE: https://java.net/jira/browse/JAVASERVERFACES-3150
NOTE: https://java.net/projects/mojarra/sources/svn/revision/12793
- TODO: check
CVE-2013-5854 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier and ...)
- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
More information about the Secure-testing-commits
mailing list