[Secure-testing-commits] r26179 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Mar 19 19:55:44 UTC 2014
Author: carnil
Date: 2014-03-19 19:55:44 +0000 (Wed, 19 Mar 2014)
New Revision: 26179
Modified:
data/CVE/list
Log:
Add CVE-2014-0011, with TODO item
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-03-19 19:53:12 UTC (rev 26178)
+++ data/CVE/list 2014-03-19 19:55:44 UTC (rev 26179)
@@ -6619,8 +6619,11 @@
[squeeze] - jinja2 <not-affected> (introduced by fix in 2.7.2)
[wheezy] - jinja2 <not-affected> (introduced by fix in 2.7.2)
NOTE: introduced by https://github.com/mitsuhiko/jinja2/commit/acb672b6a179567632e032f547582f30fa2f4aa7
-CVE-2014-0011
+CVE-2014-0011 [ZRLE decoding bounds checking issue]
RESERVED
+ - tigervnc <itp> (bug #650394)
+ NOTE: may affect related *VNC implementations if built with NDEBUG
+ TODO: check
CVE-2014-0010 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
- moodle 2.5.4-1
[squeeze] - moodle <not-affected> (Code correctly checks session key)
More information about the Secure-testing-commits
mailing list