[Secure-testing-commits] r30156 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Nov 19 17:07:36 UTC 2014
Author: carnil
Date: 2014-11-19 17:07:35 +0000 (Wed, 19 Nov 2014)
New Revision: 30156
Modified:
data/CVE/list
Log:
Update entry for CVE-2014-3558
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-11-19 17:03:26 UTC (rev 30155)
+++ data/CVE/list 2014-11-19 17:07:35 UTC (rev 30156)
@@ -12812,11 +12812,12 @@
CVE-2014-3559 (The oVirt storage backend in Red Hat Enterprise Virtualization 3.4 ...)
NOT-FOR-US: ovirt-engine-backend
CVE-2014-3558 (ReflectionHelper (org.hibernate.validator.util.ReflectionHelper) in ...)
- - libhibernate-validator-java 4.2.1-1 (low; bug #762690)
+ - libhibernate-validator-java <unfixed> (low; bug #762690)
NOTE: RedHat upgraded to new upstream versions in their security
NOTE: updates. No patches are available for the 4.0.x branch we
NOTE: have in Debian. Known fixed versions are 4.2.1, 4.3.2, and 5.1.2.
NOTE: Upstream ticket: https://hibernate.atlassian.net/browse/HV-912
+ NOTE: Fixed with 4.2.1-1 to experimental, update info with first version in unstable when fix in sid
CVE-2014-3557
RESERVED
CVE-2014-3556 [SMTP STARTTLS plaintext injection flaw]
More information about the Secure-testing-commits
mailing list