[Secure-testing-commits] r26363 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Mon Mar 31 04:36:16 UTC 2014


Author: carnil
Date: 2014-03-31 04:36:15 +0000 (Mon, 31 Mar 2014)
New Revision: 26363

Modified:
   data/CVE/list
Log:
Add CVE-2014-2667 for various python versions

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-03-31 04:28:21 UTC (rev 26362)
+++ data/CVE/list	2014-03-31 04:36:15 UTC (rev 26363)
@@ -18,6 +18,12 @@
 CVE-2014-2668 [couchdb: remote denial of service flaw]
 	- couchdb <unfixed> (low)
 	NOTE: High resource usage in CPU and memory while query is active. No crash for deamon in 1.4.0-3+b1 and 1.2.0-5 versions.
+CVE-2014-2667 [race condition]
+	- python3.1 <removed>
+	- python3.2 <removed>
+	- python3.3 <unfixed>
+	- python3.4 <unfixed>
+	TODO: does only affect 3.x, check all versions
 CVE-2014-XXXX [Login csrf in Special:ChangePassword]
 	- mediawiki 1:1.19.14+dfsg-1 (bug #742857)
 	NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=62497




More information about the Secure-testing-commits mailing list