[Secure-testing-commits] r29808 - data/CVE

Thijs Kinkhorst thijs at moszumanska.debian.org
Mon Nov 3 13:04:47 UTC 2014


Author: thijs
Date: 2014-11-03 13:04:46 +0000 (Mon, 03 Nov 2014)
New Revision: 29808

Modified:
   data/CVE/list
Log:
two mod_auth_mellon issues already fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-11-03 09:36:53 UTC (rev 29807)
+++ data/CVE/list	2014-11-03 13:04:46 UTC (rev 29808)
@@ -1,5 +1,9 @@
 CVE-2014-8582
 	NOT-FOR-US: FortiNet FortiADC-E
+CVE-2014-8567 [mod_auth_mellon logout requests would crash the Apache web server]
+	- libapache2-mod-auth-mellon 0.9.0
+CVE-2014-8566 [mod_auth_mellon information disclosure]
+	- libapache2-mod-auth-mellon 0.9.1
 CVE-2014-8554 [SQL injection vulnerability in MantisBT SOAP API]
 	- mantis <removed>
 	[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)




More information about the Secure-testing-commits mailing list