[Secure-testing-commits] r30051 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Thu Nov 13 21:34:51 UTC 2014


Author: jmm
Date: 2014-11-13 21:34:51 +0000 (Thu, 13 Nov 2014)
New Revision: 30051

Modified:
   data/CVE/list
Log:
another jessie no-dsa
transifex-client fixed
xemacs21 n/a
webfs only relies on gnutls, if it gets disabled there, no further change needed
ocaml-ssl is an openssl wrapper, so remove


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-11-13 21:10:15 UTC (rev 30050)
+++ data/CVE/list	2014-11-13 21:34:51 UTC (rev 30051)
@@ -11958,7 +11958,6 @@
 	- netsurf <unfixed> (unimportant)
 	- nginx <unfixed> (bug #767456)
 	- nss <unfixed>
-	- ocaml-ssl <unfixed>
 	- ocsigenserver <unfixed>
 	- openjdk-6 <unfixed>
 	- openjdk-7 <unfixed>
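Review bot: removing `- ocaml-ssl <unfixed>` here (and in the hunks at -41387 and -63343) leaves nothing in the entry to say why the package was dropped. The reason, that ocaml-ssl is an OpenSSL wrapper, is recorded only in the commit log. A NOTE line in each affected entry stating that would keep a later triage pass from re-adding the package.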
@@ -11969,7 +11968,6 @@
 	[wheezy] - tlslite <no-dsa> (Minor issue)
 	- tomcatjss <unfixed>
 	- uzbl <unfixed> (unimportant)
-	- webfs <unfixed>
 	- yaws <unfixed>
 	- znc <unfixed> (bug #766957)
 	NOTE: https://www.openssl.org/~bodo/ssl-poodle.pdf
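Review bot: dropping `- webfs <unfixed>` rests on a condition that appears only in the log message ("if it gets disabled there"), so the entry no longer shows that the webfs status depends on a change in gnutls. Suggest adding a NOTE naming gnutls as the place where the fix happens, so the webfs status can be revisited if that change does not land.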
@@ -13011,8 +13009,7 @@
 	[wheezy] - emacs23 <no-dsa> (Minor issue)
 	[squeeze] - emacs23 <no-dsa> (Minor issue)
 	- emacs24 24.3+1-4
-	- xemacs21-packages <unfixed> (low)
-	[squeeze] - xemacs21-packages <no-dsa> (Minor issue)
+	- xemacs21-packages <not-affected> (Vulnerable code not present)
 	NOTE: http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00057.html
 CVE-2014-3422 (lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local ...)
 	- emacs23 <unfixed> (bug #747100)
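Review bot: the new `<not-affected> (Vulnerable code not present)` line for xemacs21-packages reverses the earlier `<unfixed> (low)` and squeeze `<no-dsa>` triage, but neither the entry nor the log ("xemacs21 n/a") says what was checked. A short NOTE naming the file or function found to be absent from xemacs21-packages would make the status verifiable. Dropping the `[squeeze]` line is consistent, since the unqualified not-affected line covers every release.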
@@ -20884,7 +20881,7 @@
 CVE-2013-7111 (The put_call function in the API client (api/api_client.rb) in the ...)
 	NOT-FOR-US: Bio Basespace SDK Ruby Gem
 CVE-2013-7110 (Transifex command-line client before 0.10 does not validate X.509 ...)
-	- transifex-client <unfixed> (low)
+	- transifex-client 0.10-1
 	[wheezy] - transifex-client <not-affected> (Incomplete patch was never released)
 	NOTE: fix for CVE-2013-2073 was incorrect/incomplete
 	NOTE: https://github.com/transifex/transifex-client/issues/42
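Review bot: the `(low)` urgency is lost in the change from `- transifex-client <unfixed> (low)` to `- transifex-client 0.10-1`. If the rating is still meant to apply, it can be kept alongside the fixed version, as in `- transifex-client 0.10-1 (low)`. The version itself matches the "before 0.10" wording in the CVE description line.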
@@ -21650,6 +21647,7 @@
 	NOTE: A malicious RDP server has many more ways to mess with an RDP client
 CVE-2014-0249 (The System Security Services Daemon (SSSD) 1.11.6 does not properly ...)
 	- sssd <unfixed> (low; bug #749569)
+	[jessie] - sssd <no-dsa> (Minor issue)
 	[squeeze] - sssd <no-dsa> (Minor issue)
 	[wheezy] - sssd <no-dsa> (Minor issue)
 CVE-2014-0248 (org.jboss.seam.web.AuthenticationFilter in Red Hat JBoss Web Framework ...)
@@ -41387,7 +41385,6 @@
 	[squeeze] - matrixssl <no-dsa> (Minor issue)
 	[wheezy] - matrixssl <no-dsa> (Minor issue)
 	NOTE: matrixssl fixed this upstream in 3.4.1
-	- ocaml-ssl <unfixed>
 	- tlslite <removed>
 	[wheezy] - tlslite <no-dsa> (Minor issue)
 	- tomcatjss <unfixed>
@@ -63343,8 +63340,6 @@
 	- gnutls28 <unfixed>
 	NOTE: guntls recommends to use TLS 1.1 or 1.2.  There doesn't seem to be a fix for TLS 1.0.
 	- haskell-tls <unfixed>
-	- ocaml-ssl <unfixed>
-	NOTE: ocaml-tls (not in Debian) does seem to have fixed this.
 	- matrixssl <removed> (low)
 	[squeeze] - matrixssl <no-dsa> (Minor issue)
 	[wheezy] - matrixssl <no-dsa> (Minor issue)
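Review bot: the context line `NOTE: guntls recommends to use TLS 1.1 or 1.2.` directly above the removed lines misspells gnutls, so a search of the list for the package name will miss it; worth correcting while this entry is being edited. The removed `NOTE: ocaml-tls (not in Debian) ...` line only made sense next to the ocaml-ssl line, so removing both together is right.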



