[Secure-testing-commits] r26165 - data/CVE
Henri Salo
fgeek-guest at moszumanska.debian.org
Tue Mar 18 18:08:03 UTC 2014
Author: fgeek-guest
Date: 2014-03-18 18:08:03 +0000 (Tue, 18 Mar 2014)
New Revision: 26165
Modified:
data/CVE/list
Log:
CVE-2014-0133 nginx: SPDY heap buffer overflow
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-03-18 17:01:00 UTC (rev 26164)
+++ data/CVE/list 2014-03-18 18:08:03 UTC (rev 26165)
@@ -6144,8 +6144,9 @@
RESERVED
CVE-2014-0134
RESERVED
-CVE-2014-0133
+CVE-2014-0133 [nginx: SPDY heap buffer overflow]
RESERVED
+ - nginx <unfixed> (bug #742059)
CVE-2014-0132 [flaw in parsing authzid can lead to privilege escalation]
RESERVED
- 389-ds-base <unfixed> (bug #741600)
@@ -13391,11 +13392,11 @@
CVE-2013-4290 [stack-based buffer overflows]
RESERVED
- openjpeg <unfixed> (unimportant; bug #722540)
- NOTE: JP3D code not built in the binary package, see #722540
+ NOTE: JP3D code not built in the binary package, see #722540
CVE-2013-4289 [heap-based buffer overflows]
RESERVED
- openjpeg <unfixed> (unimportant; bug #722540)
- NOTE: JP3D code not built in the binary package, see #722540
+ NOTE: JP3D code not built in the binary package, see #722540
CVE-2013-4288 (Race condition in PolicyKit (aka polkit) allows local users to bypass ...)
- policykit-1 0.105-3+nmu1 (low; bug #723717)
[squeeze] - policykit-1 <no-dsa> (The update only deprecates an API and introduces a new option for pkcheck, no src package uses this API)
More information about the Secure-testing-commits
mailing list