[Secure-testing-commits] r26347 - data/CVE
Henri Salo
fgeek-guest at moszumanska.debian.org
Sun Mar 30 08:56:45 UTC 2014
Author: fgeek-guest
Date: 2014-03-30 08:56:45 +0000 (Sun, 30 Mar 2014)
New Revision: 26347
Modified:
data/CVE/list
Log:
CVE-2014-2668 update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-03-30 08:38:13 UTC (rev 26346)
+++ data/CVE/list 2014-03-30 08:56:45 UTC (rev 26347)
@@ -4,9 +4,9 @@
- postgresql-8.4 <removed>
[squeeze] - postgresql-8.4 <not-affected> (9.x branch only)
- postgresql-9.3 9.3.3-1
-CVE-2014-2668 [remote denial of service flaw]
- - couchdb <unfixed>
- TODO: check
+CVE-2014-2668 [couchdb: remote denial of service flaw]
+ - couchdb <unfixed> (low)
+ NOTE: High resource usage in CPU and memory while query is active. No crash for deamon in 1.4.0-3+b1 and 1.2.0-5 versions.
CVE-2014-XXXX [Login csrf in Special:ChangePassword]
- mediawiki 1:1.19.14+dfsg-1 (bug #742857)
NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=62497
More information about the Secure-testing-commits
mailing list