[Secure-testing-commits] r26146 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Mar 17 15:52:29 UTC 2014
Author: carnil
Date: 2014-03-17 15:52:29 +0000 (Mon, 17 Mar 2014)
New Revision: 26146
Modified:
data/CVE/list
Log:
Add CVE-2014-2523/linux (with TODO item)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-03-17 15:50:57 UTC (rev 26145)
+++ data/CVE/list 2014-03-17 15:52:29 UTC (rev 26146)
@@ -11,6 +11,11 @@
[squeeze] - moodle <not-affected> (Vulnerable code not present)
CVE-2014-2524 [Insecure usage of temporary files]
- readline6 <unfixed>
+CVE-2014-2523 [remote memory corruption in nf_conntrack_proto_dccp.c]
+ - linux <unfixed>
+ - linux-2.6 <removed>
+ NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/nf_conntrack_proto_dccp.c?id=b22f5126a24b3b2f15448c3f2a254fc10cbc2b92
+ TODO: check
CVE-2014-2522 [flaw in Windows SSL backend]
- curl <not-affected> (Only present in code only running on Windows)
CVE-2014-2497 [gd: NULL pointer dereference may cause denial of service]
More information about the Secure-testing-commits
mailing list