[Secure-testing-commits] r26776 - in data: . CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Fri May 2 07:29:50 UTC 2014
Author: jmm
Date: 2014-05-02 07:29:49 +0000 (Fri, 02 May 2014)
New Revision: 26776
Modified:
data/CVE/list
data/dsa-needed.txt
Log:
no-dsa: vbox, poco
add missing no-dsa tags for qemu/kvm
add rxvt-unicode to dsa-needed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-05-02 04:43:38 UTC (rev 26775)
+++ data/CVE/list 2014-05-02 07:29:49 UTC (rev 26776)
@@ -7285,8 +7285,9 @@
CVE-2014-0351
RESERVED
CVE-2014-0350 (The Poco::Net::X509Certificate::verify method in the NetSSL library in ...)
- - poco <unfixed>
- TODO: check
+ - poco <unfixed>
+ [squeeze] - poco <no-dsa> (Minor issue)
+ [wheezy] - poco <no-dsa> (Minor issue)
CVE-2014-0349 (Multiple unspecified vulnerabilities in J2k-Codec allow remote ...)
NOT-FOR-US: J2k-Codec
CVE-2014-0348 (The Artiva Agency Single Sign-On (SSO) implementation in Artiva ...)
@@ -15897,24 +15898,32 @@
RESERVED
- qemu <unfixed> (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
+ [wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
+ [squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
CVE-2013-4150
RESERVED
- qemu <unfixed> (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
+ [wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
+ [squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
CVE-2013-4149
RESERVED
- qemu <unfixed> (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
+ [wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
+ [squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
CVE-2013-4148
RESERVED
- qemu <unfixed> (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
+ [wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
+ [squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
CVE-2013-4147 (Multiple format string vulnerabilities in Yet Another Radius Daemon ...)
@@ -16788,7 +16797,9 @@
NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
CVE-2013-3792 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
- virtualbox-ose <removed>
+ [squeeze] - virtualbox-ose <no-dsa> (Minor issue)
- virtualbox 4.2.16-dfsg-1 (bug #715327)
+ [wheezy] - virtualbox <no-dsa> (Minor issue)
NOTE: https://www.virtualbox.org/ticket/11863
NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
CVE-2013-3791 (Unspecified vulnerability in Enterprise Manager (EM) Base Platform ...)
Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt 2014-05-02 04:43:38 UTC (rev 26775)
+++ data/dsa-needed.txt 2014-05-02 07:29:49 UTC (rev 26776)
@@ -21,9 +21,6 @@
--
icinga
--
-jquery/oldstable
- Maintainer prepared an update
---
libapache-mod-security/oldstable
--
liblivemedia/stable (geissert)
@@ -75,6 +72,8 @@
--
ruby-actionpack-3.2
--
+rxvt-unicode
+--
vlc
--
xbuffy (corsac)
More information about the Secure-testing-commits
mailing list