[Secure-testing-commits] r30104 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Nov 17 20:52:52 UTC 2014
Author: carnil
Date: 2014-11-17 20:52:51 +0000 (Mon, 17 Nov 2014)
New Revision: 30104
Modified:
data/CVE/list
Log:
Add temporary item for python-pip issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-11-17 20:41:10 UTC (rev 30103)
+++ data/CVE/list 2014-11-17 20:52:51 UTC (rev 30104)
@@ -7,6 +7,11 @@
- xdg-utils <unfixed>
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=66670
TODO: check
+CVE-2013-XXXX [Local DoS with predictable temp directory names]
+ - python-pip <unfixed> (bug #725847)
+ [wheezy] - python-pip <not-affected> (Vulnerable code only in >= 1.3)
+ [squeeze] - python-pip <not-affected> (Vulnerable code only in >= 1.3)
+ NOTE: https://github.com/pypa/pip/pull/2122
CVE-2014-XXXX [Cross-Site Scripting in adm_config_report.php]
- mantis <not-affected> (Vulnerable code introduced later)
NOTE: Affected upstream versions >= 1.2.13, <= 1.2.17
More information about the Secure-testing-commits
mailing list