[Secure-testing-commits] r26776 - in data: . CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Fri May 2 07:29:50 UTC 2014 

Author: jmm
Date: 2014-05-02 07:29:49 +0000 (Fri, 02 May 2014)
New Revision: 26776

Modified:
   data/CVE/list
   data/dsa-needed.txt
Log:
no-dsa: vbox, poco
add missing no-dsa tags for qemu/kvm
add rxvt-unicode to dsa-needed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-05-02 04:43:38 UTC (rev 26775)
+++ data/CVE/list	2014-05-02 07:29:49 UTC (rev 26776)
@@ -7285,8 +7285,9 @@
 CVE-2014-0351
 	RESERVED
 CVE-2014-0350 (The Poco::Net::X509Certificate::verify method in the NetSSL library in ...)
-	- poco <unfixed>
-	TODO: check
+	- poco <unfixed> 
+	[squeeze] - poco <no-dsa> (Minor issue)
+	[wheezy] - poco <no-dsa> (Minor issue)
 CVE-2014-0349 (Multiple unspecified vulnerabilities in J2k-Codec allow remote ...)
 	NOT-FOR-US: J2k-Codec
 CVE-2014-0348 (The Artiva Agency Single Sign-On (SSO) implementation in Artiva ...)
@@ -15897,24 +15898,32 @@
 	RESERVED
 	- qemu <unfixed> (low; bug #739589)
 	[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
+	[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
+	[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
 	- qemu-kvm <removed> (low)
 	[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
 CVE-2013-4150
 	RESERVED
 	- qemu <unfixed> (low; bug #739589)
 	[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
+	[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
+	[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
 	- qemu-kvm <removed> (low)
 	[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
 CVE-2013-4149
 	RESERVED
 	- qemu <unfixed> (low; bug #739589)
 	[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
+	[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
+	[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
 	- qemu-kvm <removed> (low)
 	[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
 CVE-2013-4148
 	RESERVED
 	- qemu <unfixed> (low; bug #739589)
 	[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
+	[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
+	[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
 	- qemu-kvm <removed> (low)
 	[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
 CVE-2013-4147 (Multiple format string vulnerabilities in Yet Another Radius Daemon ...)
@@ -16788,7 +16797,9 @@
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
 CVE-2013-3792 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
 	- virtualbox-ose <removed>
+	[squeeze] - virtualbox-ose <no-dsa> (Minor issue)
 	- virtualbox 4.2.16-dfsg-1 (bug #715327)
+	[wheezy] - virtualbox <no-dsa> (Minor issue)
 	NOTE: https://www.virtualbox.org/ticket/11863
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
 CVE-2013-3791 (Unspecified vulnerability in Enterprise Manager (EM) Base Platform ...)

Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt	2014-05-02 04:43:38 UTC (rev 26775)
+++ data/dsa-needed.txt	2014-05-02 07:29:49 UTC (rev 26776)
@@ -21,9 +21,6 @@
 --
 icinga
 --
-jquery/oldstable
-  Maintainer prepared an update
---
 libapache-mod-security/oldstable
 --
 liblivemedia/stable (geissert)
@@ -75,6 +72,8 @@
 --
 ruby-actionpack-3.2
 --
+rxvt-unicode
+--
 vlc
 --
 xbuffy (corsac)

More information about the Secure-testing-commits mailing list