[Secure-testing-commits] r26777 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Fri May 2 07:43:48 UTC 2014 

Author: jmm
Date: 2014-05-02 07:43:48 +0000 (Fri, 02 May 2014)
New Revision: 26777

Modified:
   data/CVE/list
Log:
new netty issue (no-dsa)
new potential mcollective issue
NFUs
(concludes external check)


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-05-02 07:29:49 UTC (rev 26776)
+++ data/CVE/list	2014-05-02 07:43:48 UTC (rev 26777)
@@ -7257,9 +7257,9 @@
 CVE-2014-0365
 	RESERVED
 CVE-2014-0364 (The ParseRoster component in the Ignite Realtime Smack XMPP API before ...)
-	TODO: check
+	NOT-FOR-US: smack userspace tools, was once ITPed, but closed (637964)
 CVE-2014-0363 (The ServerTrustManager component in the Ignite Realtime Smack XMPP API ...)
-	TODO: check
+	NOT-FOR-US: smack userspace tools, was once ITPed, but closed (637964)
 CVE-2014-0362
 	RESERVED
 CVE-2014-0361 (The default configuration of IBM 4690 OS, as used in Toshiba Global ...)
@@ -7910,6 +7910,9 @@
 	RESERVED
 CVE-2014-0193
 	RESERVED
+	- netty <unfixed>
+	[squeeze] - netty <no-dsa> (Minor issue)
+	[wheezy] - netty <no-dsa> (Minor issue)
 CVE-2014-0192 [provisioning templates are world accessible]
 	RESERVED
 	- foreman <itp> (bug #663101)
@@ -7990,6 +7993,7 @@
 	- wordpress 3.8.2+dfsg-1 (bug #744018)
 CVE-2014-0164
 	RESERVED
+	- mcollective <unfixed>
 CVE-2014-0163
 	RESERVED
 CVE-2014-0162 (The Sheepdog backend in OpenStack Image Registry and Delivery Service ...)
@@ -8037,6 +8041,7 @@
 	- qemu-kvm <removed>
 CVE-2014-0149
 	RESERVED
+	NOT-FOR-US: JBoss Seam
 CVE-2014-0148
 	RESERVED
 	- qemu 2.0.0+dfsg-1 (bug #742730)
@@ -8168,8 +8173,10 @@
 	NOT-FOR-US: Apache Syncope
 CVE-2014-0110
 	RESERVED
+	NOT-FOR-US: Apache CXF
 CVE-2014-0109
 	RESERVED
+	NOT-FOR-US: Apache CXF
 CVE-2014-0108
 	RESERVED
 CVE-2014-0107 (The TransformerFactory in Apache Xalan-Java before 2.7.2 does not ...)
@@ -28217,8 +28224,10 @@
 	RESERVED
 CVE-2013-0035
 	RESERVED
+	NOT-FOR-US: Apache CXF
 CVE-2013-0034
 	RESERVED
+	NOT-FOR-US: Apache CXF
 CVE-2013-0033
 	RESERVED
 CVE-2013-0032

More information about the Secure-testing-commits mailing list