[Secure-testing-commits] r26231 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Mar 25 05:47:21 UTC 2014
Author: carnil
Date: 2014-03-25 05:47:21 +0000 (Tue, 25 Mar 2014)
New Revision: 26231
Modified:
data/CVE/list
Log:
Add CVE-2014-0107/libxalan2-java
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-03-25 04:35:01 UTC (rev 26230)
+++ data/CVE/list 2014-03-25 05:47:21 UTC (rev 26231)
@@ -6372,8 +6372,11 @@
RESERVED
CVE-2014-0108
RESERVED
-CVE-2014-0107
+CVE-2014-0107 [Xalan-Java insufficient secure processing]
RESERVED
+ - libxalan2-java <unfixed>
+ NOTE: https://issues.apache.org/jira/browse/XALANJ-2435
+ NOTE: http://svn.apache.org/viewvc?view=revision&revision=1581058
CVE-2014-0106 (Sudo 1.6.9 before 1.8.5, when env_reset is disabled, does not properly ...)
- sudo 1.8.5p2-1 (low)
[squeeze] - sudo <no-dsa> (environment sanitising is enabled by default and turning it off in insecure anyway)
More information about the Secure-testing-commits
mailing list