[Secure-testing-commits] r26157 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Tue Mar 18 06:38:23 UTC 2014
Author: jmm
Date: 2014-03-18 06:38:23 +0000 (Tue, 18 Mar 2014)
New Revision: 26157
Modified:
data/CVE/list
Log:
readline no-dsa
linux fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-03-18 06:07:54 UTC (rev 26156)
+++ data/CVE/list 2014-03-18 06:38:23 UTC (rev 26157)
@@ -10,12 +10,13 @@
- moodle 2.6.2-1
[squeeze] - moodle <not-affected> (Vulnerable code not present)
CVE-2014-2524 [Insecure usage of temporary files]
- - readline6 <unfixed> (bug #741953)
+ - readline6 <unfixed> (low; bug #741953)
+ [wheezy] - readline6 <no-dsa> (Minor issue)
+ [squeeze] - readline6 <no-dsa> (Minor issue)
CVE-2014-2523 [remote memory corruption in nf_conntrack_proto_dccp.c]
- - linux <unfixed>
+ - linux 3.13-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/nf_conntrack_proto_dccp.c?id=b22f5126a24b3b2f15448c3f2a254fc10cbc2b92
- TODO: check
CVE-2014-2522 [flaw in Windows SSL backend]
- curl <not-affected> (Only present in code only running on Windows)
CVE-2014-2497 [gd: NULL pointer dereference may cause denial of service]
More information about the Secure-testing-commits
mailing list