[Secure-testing-commits] r27024 - in data: . CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Fri May 23 10:44:21 UTC 2014
Author: jmm
Date: 2014-05-23 10:44:21 +0000 (Fri, 23 May 2014)
New Revision: 27024
Modified:
data/CVE/list
data/dsa-needed.txt
Log:
vlc n/a
qemu fixed
I'll deal with some DSAs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-05-23 09:14:10 UTC (rev 27023)
+++ data/CVE/list 2014-05-23 10:44:21 UTC (rev 27024)
@@ -870,7 +870,7 @@
CVE-2014-3442
RESERVED
CVE-2014-3441 (codec\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows ...)
- - vlc <undetermined>
+ - vlc <not-affected> (VLC in Debian uses the system version of libpng which handles the malformed file correctly as invalid)
NOTE: http://packetstormsecurity.com/files/126564/VLC-Player-2.1.3-Memory-Corruption.html
CVE-2014-3440
RESERVED
@@ -9459,16 +9459,14 @@
RESERVED
CVE-2014-0223 [qcow1: Validate image size]
RESERVED
- - qemu <unfixed>
+ - qemu 2.0.0+dfsg-6
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02156.html
- TODO: check
CVE-2014-0222 [qcow1: Validate L2 table size]
RESERVED
- - qemu <unfixed>
+ - qemu 2.0.0+dfsg-6
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02155.html
- TODO: check
CVE-2014-0221
RESERVED
CVE-2014-0220
Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt 2014-05-23 09:14:10 UTC (rev 27023)
+++ data/dsa-needed.txt 2014-05-23 10:44:21 UTC (rev 27024)
@@ -41,15 +41,15 @@
--
libxstream-java
--
-lxml
+lxml (jmm)
--
mantis
--
-mupdf
+mupdf (jmm)
--
modsecurity-apache/stable
--
-mod-wsgi
+mod-wsgi (jmm)
--
moodle/oldstable
--
@@ -63,9 +63,9 @@
--
python2.6
--
-python-gnupg
+python-gnupg (jmm)
--
-qemu-kvm
+qemu-kvm (jmm)
--
qt4-x11/oldstable
--
More information about the Secure-testing-commits
mailing list