[Secure-testing-commits] r26156 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Tue Mar 18 06:07:54 UTC 2014
Author: jmm
Date: 2014-03-18 06:07:54 +0000 (Tue, 18 Mar 2014)
New Revision: 26156
Modified:
data/CVE/list
Log:
new apache issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-03-18 05:45:46 UTC (rev 26155)
+++ data/CVE/list 2014-03-18 06:07:54 UTC (rev 26156)
@@ -6236,8 +6236,9 @@
NOTE: http://patchwork.ozlabs.org/patch/325844/
CVE-2014-0099
RESERVED
-CVE-2014-0098
+CVE-2014-0098 [Segfaults with truncated cookie logging]
RESERVED
+ - apache2 <unfixed>
CVE-2014-0097
RESERVED
- libspring-java <not-affected> (ActiveDirectoryLdapAuthenticator not yet present, introduced in 3.1)
@@ -7819,8 +7820,9 @@
NOTE: http://blog.sendsafely.com/post/69590974866/web-based-single-sign-on-and-the-dangers-of-saml-xml
CVE-2013-6439 (Candlepin in Red Hat Subscription Asset Manager 1.0 through 1.3 uses a ...)
NOT-FOR-US: Candlepin
-CVE-2013-6438
+CVE-2013-6438 [mod_dav: Keep track of length of cdata properly when removing leading spaces]
RESERVED
+ - apache2 <unfixed>
CVE-2013-6437 (The libvirt driver in OpenStack Compute (Nova) before 2013.2.2 and ...)
- nova 2013.2.2
CVE-2013-6436 (The lxcDomainGetMemoryParameters method in lxc/lxc_driver.c in libvirt ...)
More information about the Secure-testing-commits
mailing list