[Secure-testing-commits] r26163 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Mar 18 16:14:00 UTC 2014


Author: carnil
Date: 2014-03-18 16:14:00 +0000 (Tue, 18 Mar 2014)
New Revision: 26163

Modified:
   data/CVE/list
Log:
Add k4dirstat CVEs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-03-18 16:00:43 UTC (rev 26162)
+++ data/CVE/list	2014-03-18 16:14:00 UTC (rev 26163)
@@ -1,5 +1,11 @@
-CVE-2014-XXXX [Apostrophes not properly escaped]
+CVE-2014-2528 [Apostrophes not properly escaped]
 	- k4dirstat 2.7.5-1 (bug #741659)
+	- kdirstat <removed>
+	TODO: check squeeze
+CVE-2014-2527 [double quotes not proberly escaped]
+	- k4dirstat <not-affected> (Uses single quotes for affected code)
+	- kdirstat <removed>
+	TODO: check squeeze
 CVE-2014-XXXX [MSA-14-0004: Incorrect filtering in Quiz]
 	- moodle 2.6.2-1
 	[squeeze] - moodle <not-affected> (Vulnerable code not present)




More information about the Secure-testing-commits mailing list