[Secure-testing-commits] r26899 - in data: . CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Mon May 12 06:42:36 UTC 2014 

Author: jmm
Date: 2014-05-12 06:42:36 +0000 (Mon, 12 May 2014)
New Revision: 26899

Modified:
   data/CVE/list
   data/dsa-needed.txt
   data/embedded-code-copies
Log:
snappy code copy fixed in chromium
dsa needed for lxml
policycoreutils N/A


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-05-11 15:49:21 UTC (rev 26898)
+++ data/CVE/list	2014-05-12 06:42:36 UTC (rev 26899)
@@ -444,7 +444,7 @@
 	NOTE: https://git.kernel.org/linus/d214c7537bbf2f247991fb65b3420b0b3d712c67
 CVE-2014-3430 [dovecot: DoS]
 	RESERVED
-	- dovecot 1:2.2.13~rc1-1 (bug #747549)
+	- dovecot 1:2.2.13~rc1-1 (low; bug #747549)
 	NOTE: http://permalink.gmane.org/gmane.mail.imap.dovecot/77499
 CVE-2014-3426 (NCSA Mosaic 2.1 through 2.7b5 allows local users to cause a denial of ...)
 	- mosaic 2.7b5-3
@@ -502,8 +502,7 @@
 CVE-2014-3216
 	RESERVED
 CVE-2014-3215 (seunshare in policycoreutils 2.2.5 is owned by root with 4755 ...)
-	- policycoreutils <undetermined>
-	TODO: check
+	- policycoreutils <not-affected> (seunshare not enabled/built in Debian)
 CVE-2014-3214 (The prefetch implementation in named in ISC BIND 9.10.0, when a ...)
 	- bind9 <not-affected> (prefetch option introduced in BIND 9.10.0b1)
 	NOTE: https://kb.isc.org/article/AA-01161
@@ -8814,7 +8813,6 @@
 	- ruby-actionpack-3.2 <removed> (bug #747382)
 	- rails-3.2 3.2.18-1 (bug #747382)
 	- rails-4.0 <unfixed> (bug #747380)
-	TODO: check
 CVE-2014-0129 (badges/mybadges.php in Moodle 2.5.x before 2.5.5 and 2.6.x before ...)
 	- moodle 2.6.2-1
 	[squeeze] - moodle <not-affected> (Vulnerable code not present)

Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt	2014-05-11 15:49:21 UTC (rev 26898)
+++ data/dsa-needed.txt	2014-05-12 06:42:36 UTC (rev 26899)
@@ -39,6 +39,8 @@
 --
 libxstream-java
 --
+lxml
+--
 mantis
 --
 mupdf

Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies	2014-05-11 15:49:21 UTC (rev 26898)
+++ data/embedded-code-copies	2014-05-12 06:42:36 UTC (rev 26899)
@@ -2633,7 +2633,7 @@
 	- supertuxkart <unfixed> (modified-embed)
 
 snappy
-	- chromium-browser <unfixed>
+	- chromium-browser 35.0.1916.86-1
 	NOTE: not sure if it's build
 	- mongodb <unfixed>
 	NOTE: needs further checks

More information about the Secure-testing-commits mailing list