[Secure-testing-commits] r26232 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Mar 25 06:02:31 UTC 2014
Author: carnil
Date: 2014-03-25 06:02:31 +0000 (Tue, 25 Mar 2014)
New Revision: 26232
Modified:
data/CVE/list
Log:
Update entry for CVE-2014-0011
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-03-25 05:47:21 UTC (rev 26231)
+++ data/CVE/list 2014-03-25 06:02:31 UTC (rev 26232)
@@ -6707,7 +6707,9 @@
CVE-2014-0011 [ZRLE decoding bounds checking issue]
RESERVED
- tigervnc <itp> (bug #650394)
+ - vnc4 <unfixed> (unimportant)
NOTE: may affect related *VNC implementations if built with NDEBUG
+ NOTE: e.g. vnc4 seems to have similar code in common/rfb/zrleDecode.h
TODO: check
CVE-2014-0010 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
- moodle 2.5.4-1
More information about the Secure-testing-commits
mailing list