[Secure-testing-commits] r26164 - in data: . CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Tue Mar 18 17:01:00 UTC 2014
Author: jmm
Date: 2014-03-18 17:01:00 +0000 (Tue, 18 Mar 2014)
New Revision: 26164
Modified:
data/CVE/list
data/dsa-needed.txt
Log:
openjpeg unimportant
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-03-18 16:14:00 UTC (rev 26163)
+++ data/CVE/list 2014-03-18 17:01:00 UTC (rev 26164)
@@ -13390,10 +13390,12 @@
NOTE: http://libvirt.org/git/?p=libvirt.git;a=commit;h=745aa55fbf3e076c4288d5ec3239f5a5d43508a6
CVE-2013-4290 [stack-based buffer overflows]
RESERVED
- - openjpeg <unfixed> (bug #722540)
+ - openjpeg <unfixed> (unimportant; bug #722540)
+ NOTE: JP3D code not built in the binary package, see #722540
CVE-2013-4289 [heap-based buffer overflows]
RESERVED
- - openjpeg <unfixed> (bug #722540)
+ - openjpeg <unfixed> (unimportant; bug #722540)
+ NOTE: JP3D code not built in the binary package, see #722540
CVE-2013-4288 (Race condition in PolicyKit (aka polkit) allows local users to bypass ...)
- policykit-1 0.105-3+nmu1 (low; bug #723717)
[squeeze] - policykit-1 <no-dsa> (The update only deprecates an API and introduces a new option for pkcheck, no src package uses this API)
Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt 2014-03-18 16:14:00 UTC (rev 26163)
+++ data/dsa-needed.txt 2014-03-18 17:01:00 UTC (rev 26164)
@@ -50,9 +50,6 @@
--
nss
--
-openjpeg
- patches are not yet avaialble
---
openjdk-6
--
openjdk-7/stable
More information about the Secure-testing-commits
mailing list