[Secure-testing-commits] r30052 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Nov 13 21:40:23 UTC 2014
Author: jmm
Date: 2014-11-13 21:40:23 +0000 (Thu, 13 Nov 2014)
New Revision: 30052
Modified:
data/CVE/list
Log:
freecad fixed
automake no-dsa for jessie
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-11-13 21:34:51 UTC (rev 30051)
+++ data/CVE/list 2014-11-13 21:40:23 UTC (rev 30052)
@@ -816,7 +816,7 @@
CVE-2014-8296 (Cross-site scripting (XSS) vulnerability in the Modal Frame API module ...)
NOT-FOR-US: Drupal module Modal Frame API
CVE-2014-XXXX [freecad downloads and executes code]
- - freecad <unfixed> (bug #764814)
+ - freecad 0.14.3702+dfsg-3 (bug #764814)
CVE-2014-8295 (SQL injection vulnerability in joblogs.php in Bacula-Web 5.2.10 allows ...)
NOT-FOR-US: Bacula-Web
NOTE: Bacula-Web is not part of bacula itself and not ITP #656891
@@ -5422,7 +5422,8 @@
NOTE: http://github.com/mantisbt/mantisbt/commit/215968fa8 (1.2.x branch)
NOTE: http://github.com/mantisbt/mantisbt/commit/fc02c46ee (master branch)
CVE-2014-XXXX [install-sh: insecure use of /tmp]
- - automake-1.14 <unfixed> (bug #760455)
+ - automake-1.14 <unfixed> (low; bug #760455)
+ [jessie] - automake-1.14 <no-dsa> (Minor issue)
TODO: check other automake versions
CVE-2014-6252 (Buffer overflow in disp+work.exe 7000.52.12.34966 and ...)
NOT-FOR-US: SAP NetWeaver
More information about the Secure-testing-commits
mailing list