[Secure-testing-commits] r30163 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Wed Nov 19 21:10:18 UTC 2014


Author: sectracker
Date: 2014-11-19 21:10:18 +0000 (Wed, 19 Nov 2014)
New Revision: 30163

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-11-19 21:09:51 UTC (rev 30162)
+++ data/CVE/list	2014-11-19 21:10:18 UTC (rev 30163)
@@ -1,3 +1,663 @@
+CVE-2015-0300
+	RESERVED
+CVE-2015-0299
+	RESERVED
+CVE-2015-0298
+	RESERVED
+CVE-2015-0297
+	RESERVED
+CVE-2015-0296
+	RESERVED
+CVE-2015-0295
+	RESERVED
+CVE-2015-0294
+	RESERVED
+CVE-2015-0293
+	RESERVED
+CVE-2015-0292
+	RESERVED
+CVE-2015-0291
+	RESERVED
+CVE-2015-0290
+	RESERVED
+CVE-2015-0289
+	RESERVED
+CVE-2015-0288
+	RESERVED
+CVE-2015-0287
+	RESERVED
+CVE-2015-0286
+	RESERVED
+CVE-2015-0285
+	RESERVED
+CVE-2015-0284
+	RESERVED
+CVE-2015-0283
+	RESERVED
+CVE-2015-0282
+	RESERVED
+CVE-2015-0281
+	RESERVED
+CVE-2015-0280
+	RESERVED
+CVE-2015-0279
+	RESERVED
+CVE-2015-0278
+	RESERVED
+CVE-2015-0277
+	RESERVED
+CVE-2015-0276
+	RESERVED
+CVE-2015-0275
+	RESERVED
+CVE-2015-0274
+	RESERVED
+CVE-2015-0273
+	RESERVED
+CVE-2015-0272
+	RESERVED
+CVE-2015-0271
+	RESERVED
+CVE-2015-0270
+	RESERVED
+CVE-2015-0269
+	RESERVED
+CVE-2015-0268
+	RESERVED
+CVE-2015-0267
+	RESERVED
+CVE-2015-0266
+	RESERVED
+CVE-2015-0265
+	RESERVED
+CVE-2015-0264
+	RESERVED
+CVE-2015-0263
+	RESERVED
+CVE-2015-0262
+	RESERVED
+CVE-2015-0261
+	RESERVED
+CVE-2015-0260
+	RESERVED
+CVE-2015-0259
+	RESERVED
+CVE-2015-0258
+	RESERVED
+CVE-2015-0257
+	RESERVED
+CVE-2015-0256
+	RESERVED
+CVE-2015-0255
+	RESERVED
+CVE-2015-0254
+	RESERVED
+CVE-2015-0253
+	RESERVED
+CVE-2015-0252
+	RESERVED
+CVE-2015-0251
+	RESERVED
+CVE-2015-0250
+	RESERVED
+CVE-2015-0249
+	RESERVED
+CVE-2015-0248
+	RESERVED
+CVE-2015-0247
+	RESERVED
+CVE-2015-0246
+	RESERVED
+CVE-2015-0245
+	RESERVED
+CVE-2015-0244
+	RESERVED
+CVE-2015-0243
+	RESERVED
+CVE-2015-0242
+	RESERVED
+CVE-2015-0241
+	RESERVED
+CVE-2015-0240
+	RESERVED
+CVE-2015-0239
+	RESERVED
+CVE-2015-0238
+	RESERVED
+CVE-2015-0237
+	RESERVED
+CVE-2015-0236
+	RESERVED
+CVE-2015-0235
+	RESERVED
+CVE-2015-0234
+	RESERVED
+CVE-2015-0233
+	RESERVED
+CVE-2015-0232
+	RESERVED
+CVE-2015-0231
+	RESERVED
+CVE-2015-0230
+	RESERVED
+CVE-2015-0229
+	RESERVED
+CVE-2015-0228
+	RESERVED
+CVE-2015-0227
+	RESERVED
+CVE-2015-0226
+	RESERVED
+CVE-2015-0225
+	RESERVED
+CVE-2015-0224
+	RESERVED
+CVE-2015-0223
+	RESERVED
+CVE-2015-0222
+	RESERVED
+CVE-2015-0221
+	RESERVED
+CVE-2015-0220
+	RESERVED
+CVE-2015-0219
+	RESERVED
+CVE-2015-0218
+	RESERVED
+CVE-2015-0217
+	RESERVED
+CVE-2015-0216
+	RESERVED
+CVE-2015-0215
+	RESERVED
+CVE-2015-0214
+	RESERVED
+CVE-2015-0213
+	RESERVED
+CVE-2015-0212
+	RESERVED
+CVE-2015-0211
+	RESERVED
+CVE-2015-0210
+	RESERVED
+CVE-2015-0209
+	RESERVED
+CVE-2015-0208
+	RESERVED
+CVE-2015-0207
+	RESERVED
+CVE-2015-0206
+	RESERVED
+CVE-2015-0205
+	RESERVED
+CVE-2015-0204
+	RESERVED
+CVE-2015-0203
+	RESERVED
+CVE-2015-0202
+	RESERVED
+CVE-2015-0201
+	RESERVED
+CVE-2015-0200
+	RESERVED
+CVE-2015-0199
+	RESERVED
+CVE-2015-0198
+	RESERVED
+CVE-2015-0197
+	RESERVED
+CVE-2015-0196
+	RESERVED
+CVE-2015-0195
+	RESERVED
+CVE-2015-0194
+	RESERVED
+CVE-2015-0193
+	RESERVED
+CVE-2015-0192
+	RESERVED
+CVE-2015-0191
+	RESERVED
+CVE-2015-0190
+	RESERVED
+CVE-2015-0189
+	RESERVED
+CVE-2015-0188
+	RESERVED
+CVE-2015-0187
+	RESERVED
+CVE-2015-0186
+	RESERVED
+CVE-2015-0185
+	RESERVED
+CVE-2015-0184
+	RESERVED
+CVE-2015-0183
+	RESERVED
+CVE-2015-0182
+	RESERVED
+CVE-2015-0181
+	RESERVED
+CVE-2015-0180
+	RESERVED
+CVE-2015-0179
+	RESERVED
+CVE-2015-0178
+	RESERVED
+CVE-2015-0177
+	RESERVED
+CVE-2015-0176
+	RESERVED
+CVE-2015-0175
+	RESERVED
+CVE-2015-0174
+	RESERVED
+CVE-2015-0173
+	RESERVED
+CVE-2015-0172
+	RESERVED
+CVE-2015-0171
+	RESERVED
+CVE-2015-0170
+	RESERVED
+CVE-2015-0169
+	RESERVED
+CVE-2015-0168
+	RESERVED
+CVE-2015-0167
+	RESERVED
+CVE-2015-0166
+	RESERVED
+CVE-2015-0165
+	RESERVED
+CVE-2015-0164
+	RESERVED
+CVE-2015-0163
+	RESERVED
+CVE-2015-0162
+	RESERVED
+CVE-2015-0161
+	RESERVED
+CVE-2015-0160
+	RESERVED
+CVE-2015-0159
+	RESERVED
+CVE-2015-0158
+	RESERVED
+CVE-2015-0157
+	RESERVED
+CVE-2015-0156
+	RESERVED
+CVE-2015-0155
+	RESERVED
+CVE-2015-0154
+	RESERVED
+CVE-2015-0153
+	RESERVED
+CVE-2015-0152
+	RESERVED
+CVE-2015-0151
+	RESERVED
+CVE-2015-0150
+	RESERVED
+CVE-2015-0149
+	RESERVED
+CVE-2015-0148
+	RESERVED
+CVE-2015-0147
+	RESERVED
+CVE-2015-0146
+	RESERVED
+CVE-2015-0145
+	RESERVED
+CVE-2015-0144
+	RESERVED
+CVE-2015-0143
+	RESERVED
+CVE-2015-0142
+	RESERVED
+CVE-2015-0141
+	RESERVED
+CVE-2015-0140
+	RESERVED
+CVE-2015-0139
+	RESERVED
+CVE-2015-0138
+	RESERVED
+CVE-2015-0137
+	RESERVED
+CVE-2015-0136
+	RESERVED
+CVE-2015-0135
+	RESERVED
+CVE-2015-0134
+	RESERVED
+CVE-2015-0133
+	RESERVED
+CVE-2015-0132
+	RESERVED
+CVE-2015-0131
+	RESERVED
+CVE-2015-0130
+	RESERVED
+CVE-2015-0129
+	RESERVED
+CVE-2015-0128
+	RESERVED
+CVE-2015-0127
+	RESERVED
+CVE-2015-0126
+	RESERVED
+CVE-2015-0125
+	RESERVED
+CVE-2015-0124
+	RESERVED
+CVE-2015-0123
+	RESERVED
+CVE-2015-0122
+	RESERVED
+CVE-2015-0121
+	RESERVED
+CVE-2015-0120
+	RESERVED
+CVE-2015-0119
+	RESERVED
+CVE-2015-0118
+	RESERVED
+CVE-2015-0117
+	RESERVED
+CVE-2015-0116
+	RESERVED
+CVE-2015-0115
+	RESERVED
+CVE-2015-0114
+	RESERVED
+CVE-2015-0113
+	RESERVED
+CVE-2015-0112
+	RESERVED
+CVE-2015-0111
+	RESERVED
+CVE-2015-0110
+	RESERVED
+CVE-2015-0109
+	RESERVED
+CVE-2015-0108
+	RESERVED
+CVE-2015-0107
+	RESERVED
+CVE-2015-0106
+	RESERVED
+CVE-2015-0105
+	RESERVED
+CVE-2015-0104
+	RESERVED
+CVE-2015-0103
+	RESERVED
+CVE-2015-0102
+	RESERVED
+CVE-2015-0101
+	RESERVED
+CVE-2015-0100
+	RESERVED
+CVE-2015-0099
+	RESERVED
+CVE-2015-0098
+	RESERVED
+CVE-2015-0097
+	RESERVED
+CVE-2015-0096
+	RESERVED
+CVE-2015-0095
+	RESERVED
+CVE-2015-0094
+	RESERVED
+CVE-2015-0093
+	RESERVED
+CVE-2015-0092
+	RESERVED
+CVE-2015-0091
+	RESERVED
+CVE-2015-0090
+	RESERVED
+CVE-2015-0089
+	RESERVED
+CVE-2015-0088
+	RESERVED
+CVE-2015-0087
+	RESERVED
+CVE-2015-0086
+	RESERVED
+CVE-2015-0085
+	RESERVED
+CVE-2015-0084
+	RESERVED
+CVE-2015-0083
+	RESERVED
+CVE-2015-0082
+	RESERVED
+CVE-2015-0081
+	RESERVED
+CVE-2015-0080
+	RESERVED
+CVE-2015-0079
+	RESERVED
+CVE-2015-0078
+	RESERVED
+CVE-2015-0077
+	RESERVED
+CVE-2015-0076
+	RESERVED
+CVE-2015-0075
+	RESERVED
+CVE-2015-0074
+	RESERVED
+CVE-2015-0073
+	RESERVED
+CVE-2015-0072
+	RESERVED
+CVE-2015-0071
+	RESERVED
+CVE-2015-0070
+	RESERVED
+CVE-2015-0069
+	RESERVED
+CVE-2015-0068
+	RESERVED
+CVE-2015-0067
+	RESERVED
+CVE-2015-0066
+	RESERVED
+CVE-2015-0065
+	RESERVED
+CVE-2015-0064
+	RESERVED
+CVE-2015-0063
+	RESERVED
+CVE-2015-0062
+	RESERVED
+CVE-2015-0061
+	RESERVED
+CVE-2015-0060
+	RESERVED
+CVE-2015-0059
+	RESERVED
+CVE-2015-0058
+	RESERVED
+CVE-2015-0057
+	RESERVED
+CVE-2015-0056
+	RESERVED
+CVE-2015-0055
+	RESERVED
+CVE-2015-0054
+	RESERVED
+CVE-2015-0053
+	RESERVED
+CVE-2015-0052
+	RESERVED
+CVE-2015-0051
+	RESERVED
+CVE-2015-0050
+	RESERVED
+CVE-2015-0049
+	RESERVED
+CVE-2015-0048
+	RESERVED
+CVE-2015-0047
+	RESERVED
+CVE-2015-0046
+	RESERVED
+CVE-2015-0045
+	RESERVED
+CVE-2015-0044
+	RESERVED
+CVE-2015-0043
+	RESERVED
+CVE-2015-0042
+	RESERVED
+CVE-2015-0041
+	RESERVED
+CVE-2015-0040
+	RESERVED
+CVE-2015-0039
+	RESERVED
+CVE-2015-0038
+	RESERVED
+CVE-2015-0037
+	RESERVED
+CVE-2015-0036
+	RESERVED
+CVE-2015-0035
+	RESERVED
+CVE-2015-0034
+	RESERVED
+CVE-2015-0033
+	RESERVED
+CVE-2015-0032
+	RESERVED
+CVE-2015-0031
+	RESERVED
+CVE-2015-0030
+	RESERVED
+CVE-2015-0029
+	RESERVED
+CVE-2015-0028
+	RESERVED
+CVE-2015-0027
+	RESERVED
+CVE-2015-0026
+	RESERVED
+CVE-2015-0025
+	RESERVED
+CVE-2015-0024
+	RESERVED
+CVE-2015-0023
+	RESERVED
+CVE-2015-0022
+	RESERVED
+CVE-2015-0021
+	RESERVED
+CVE-2015-0020
+	RESERVED
+CVE-2015-0019
+	RESERVED
+CVE-2015-0018
+	RESERVED
+CVE-2015-0017
+	RESERVED
+CVE-2015-0016
+	RESERVED
+CVE-2015-0015
+	RESERVED
+CVE-2015-0014
+	RESERVED
+CVE-2015-0013
+	RESERVED
+CVE-2015-0012
+	RESERVED
+CVE-2015-0011
+	RESERVED
+CVE-2015-0010
+	RESERVED
+CVE-2015-0009
+	RESERVED
+CVE-2015-0008
+	RESERVED
+CVE-2015-0007
+	RESERVED
+CVE-2015-0006
+	RESERVED
+CVE-2015-0005
+	RESERVED
+CVE-2015-0004
+	RESERVED
+CVE-2015-0003
+	RESERVED
+CVE-2015-0002
+	RESERVED
+CVE-2015-0001
+	RESERVED
+CVE-2014-8985
+	RESERVED
+CVE-2014-8984
+	RESERVED
+CVE-2014-8983
+	RESERVED
+CVE-2014-8982
+	RESERVED
+CVE-2014-8981
+	RESERVED
+CVE-2014-8980
+	RESERVED
+CVE-2014-8979
+	RESERVED
+CVE-2014-8978
+	RESERVED
+CVE-2014-8977
+	RESERVED
+CVE-2014-8976
+	RESERVED
+CVE-2014-8975
+	RESERVED
+CVE-2014-8974
+	RESERVED
+CVE-2014-8973
+	RESERVED
+CVE-2014-8972
+	RESERVED
+CVE-2014-8971
+	RESERVED
+CVE-2014-8970
+	RESERVED
+CVE-2014-8969
+	RESERVED
+CVE-2014-8968
+	RESERVED
+CVE-2014-8967
+	RESERVED
+CVE-2014-8966
+	RESERVED
+CVE-2014-8965
+	RESERVED
+CVE-2014-8964
+	RESERVED
+CVE-2014-8963
+	RESERVED
+CVE-2014-8962
+	RESERVED
+CVE-2014-8961
+	RESERVED
+CVE-2014-8960
+	RESERVED
+CVE-2014-8959
+	RESERVED
+CVE-2014-8958
+	RESERVED
+CVE-2014-8957
+	RESERVED
+CVE-2014-8956
+	RESERVED
 CVE-2014-8955 (Cross-site scripting (XSS) vulnerability in the Contact Form Clean and ...)
 	TODO: check
 CVE-2014-8954 (Multiple cross-site scripting (XSS) vulnerabilities in phpSound 1.0.5 ...)
@@ -803,8 +1463,7 @@
 	[squeeze] - dpkg <not-affected> (Regression introduced in 1.16.2)
 	NOTE: https://bugs.launchpad.net/ubuntu/+source/dpkg/+bug/1389135
 	NOTE: Regression introduced with https://anonscm.debian.org/cgit/dpkg/dpkg.git/commit/?id=0b8652b226a7601dfd71471797d15168a7337242 (1.16.2)
-CVE-2014-8598 [XML Import/Export plugin unrestricted access]
-	RESERVED
+CVE-2014-8598 (The XML Import/Export plugin in MantisBT 1.2.x does not restrict ...)
 	- mantis <unfixed>
 	[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
 	NOTE: https://github.com/mantisbt/mantisbt/commit/80a15487
@@ -1115,8 +1774,8 @@
 	[wheezy] - kfreebsd-8 <no-dsa> (kfreebsd-8 only a test kernel, can be fixed in a point release)
 	[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
 	NOTE: http://security.FreeBSD.org/advisories/FreeBSD-SA-14:25.setlogin.asc
-CVE-2014-8475
-	RESERVED
+CVE-2014-8475 (FreeBSD 9.1, 9.2, and 10.0, when compiling OpenSSH with Kerberos ...)
+	TODO: check
 CVE-2014-8474 (CA Cloud Service Management (CSM) before Summer 2014 allows remote ...)
 	TODO: check
 CVE-2014-8473 (Cross-site request forgery (CSRF) vulnerability in CA Cloud Service ...)
@@ -2242,8 +2901,8 @@
 	NOT-FOR-US: Cisco IOS
 CVE-2014-7997 (The DHCP implementation in Cisco IOS on Aironet access points does not ...)
 	NOT-FOR-US: Cisco IOS
-CVE-2014-7996
-	RESERVED
+CVE-2014-7996 (Cross-site request forgery (CSRF) vulnerability in the web framework ...)
+	TODO: check
 CVE-2014-7995
 	RESERVED
 CVE-2014-7994
@@ -2404,59 +3063,47 @@
 	RESERVED
 CVE-2014-7911
 	RESERVED
-CVE-2014-7910 [Unspecified security issues]
-	RESERVED
+CVE-2014-7910 (Multiple unspecified vulnerabilities in Google Chrome before ...)
 	- chromium-browser <unfixed>
 	[squeeze] - chromium-browser <end-of-life>
 	NOTE: https://code.google.com/p/chromium/issues/detail?id=433500 (private)
-CVE-2014-7909 [Uninitialized memory read in Skia]
-	RESERVED
+CVE-2014-7909 (effects/SkDashPathEffect.cpp in Skia, as used in Google Chrome before ...)
 	- chromium-browser <unfixed>
 	[squeeze] - chromium-browser <end-of-life>
 	NOTE: https://code.google.com/p/chromium/issues/detail?id=391001 (private)
-CVE-2014-7908 [Integer overflow in media]
-	RESERVED
+CVE-2014-7908 (Multiple integer overflows in the CheckMov function in ...)
 	- chromium-browser <unfixed>
 	[squeeze] - chromium-browser <end-of-life>
 	NOTE: https://code.google.com/p/chromium/issues/detail?id=425980 (private)
-CVE-2014-7907 [Use-after-free in blink]
-	RESERVED
+CVE-2014-7907 (Multiple use-after-free vulnerabilities in ...)
 	- chromium-browser <unfixed>
 	[squeeze] - chromium-browser <end-of-life>
 	NOTE: https://code.google.com/p/chromium/issues/detail?id=424453 (private)
-CVE-2014-7906 [Use-after-free in pepper plugins]
-	RESERVED
+CVE-2014-7906 (Use-after-free vulnerability in the Pepper plugins in Google Chrome ...)
 	- chromium-browser <unfixed>
 	[squeeze] - chromium-browser <end-of-life>
 	NOTE: https://code.google.com/p/chromium/issues/detail?id=423030 (private)
-CVE-2014-7905 [Flaw allowing navigation to intents that do not have the BROWSABLE category]
-	RESERVED
+CVE-2014-7905 (Google Chrome before 39.0.2171.65 on Android does not prevent ...)
 	- chromium-browser <unfixed>
 	[squeeze] - chromium-browser <end-of-life>
 	NOTE: https://code.google.com/p/chromium/issues/detail?id=421817 (private)
-CVE-2014-7904 [Buffer overflow in Skia]
-	RESERVED
+CVE-2014-7904 (Buffer overflow in Skia, as used in Google Chrome before 39.0.2171.65, ...)
 	- chromium-browser <unfixed>
 	[squeeze] - chromium-browser <end-of-life>
 	NOTE: https://code.google.com/p/chromium/issues/detail?id=418161 (private)
-CVE-2014-7903
-	RESERVED
+CVE-2014-7903 (Buffer overflow in OpenJPEG before r2911 in PDFium, as used in Google ...)
 	- chromium-browser <unfixed>
 	[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7902
-	RESERVED
+CVE-2014-7902 (Use-after-free vulnerability in PDFium, as used in Google Chrome ...)
 	- chromium-browser <unfixed>
 	[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7901
-	RESERVED
+CVE-2014-7901 (Integer overflow in the opj_t2_read_packet_data function in ...)
 	- chromium-browser <unfixed>
 	[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7900
-	RESERVED
+CVE-2014-7900 (Use-after-free vulnerability in the CPDF_Parser::IsLinearizedFile ...)
 	- chromium-browser <unfixed>
 	[squeeze] - chromium-browser <end-of-life>
-CVE-2014-7899 [Address bar spoofing]
-	RESERVED
+CVE-2014-7899 (Google Chrome before 38.0.2125.101 allows remote attackers to spoof ...)
 	- chromium-browser <unfixed>
 	[squeeze] - chromium-browser <end-of-life>
 	NOTE: http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html
@@ -2691,8 +3338,7 @@
 	- moodle <unfixed>
 	[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
 	NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47865
-CVE-2014-7829 [Arbitrary file existence disclosure in Action Pack]
-	RESERVED
+CVE-2014-7829 (Directory traversal vulnerability in ...)
 	- rails <unfixed>
 	- rails-3.2 <unfixed>
 	- ruby-actionpack-3.2 <removed>
@@ -2714,8 +3360,7 @@
 	- linux <unfixed>
 	- linux-2.6 <removed>
 	NOTE: Fixed by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=086ba77a6db00ed858ff07451bedee197df868c9 (v3.18-rc3)
-CVE-2014-7824
-	RESERVED
+CVE-2014-7824 (D-Bus 1.3.0 through 1.6.x before 1.6.26, 1.8.x before 1.8.10, and ...)
 	- dbus 1.8.10-1
 	[wheezy] - dbus <no-dsa> (Minor issue, will be fixed trough a stable proposed update)
 	[squeeze] - dbus <not-affected> (dbus 1.2.x does not support FD passing)
@@ -4224,8 +4869,7 @@
 	RESERVED
 CVE-2014-7147
 	RESERVED
-CVE-2014-7146 [XmlImportExport plugin PHP Code Injection]
-	RESERVED
+CVE-2014-7146 (The XmlImportExport plugin in MantisBT 1.2.17 and earlier allows ...)
 	- mantis <unfixed>
 	[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
 	NOTE: http://www.mantisbt.org/bugs/view.php?id=17725
@@ -6076,8 +6720,8 @@
 	RESERVED
 CVE-2014-6325
 	RESERVED
-CVE-2014-6324
-	RESERVED
+CVE-2014-6324 (The Kerberos Key Distribution Center (KDC) in Microsoft Windows Server ...)
+	TODO: check
 CVE-2014-6323 (Microsoft Internet Explorer 7 through 11 allows remote attackers to ...)
 	TODO: check
 CVE-2014-6322 (The Windows Audio service in Microsoft Windows Vista SP2, Windows ...)
@@ -9592,8 +10236,8 @@
 	NOT-FOR-US: IBM
 CVE-2014-4818
 	RESERVED
-CVE-2014-4817
-	RESERVED
+CVE-2014-4817 (The server in IBM Tivoli Storage Manager (TSM) 5.x and 6.x before ...)
+	TODO: check
 CVE-2014-4816 (Cross-site request forgery (CSRF) vulnerability in the Administrative ...)
 	NOT-FOR-US: IBM WebSphere Application Server
 CVE-2014-4815
@@ -12234,7 +12878,7 @@
 	[jessie] - kfreebsd-9 <not-affected> (Kfreebsd 8/9 not present in jessie, workaround for #769128)
 	- kfreebsd-10 10.1~svn273874-1 (bug #766278)
 CVE-2014-3710 (The donote function in readelf.c in file through 5.20, as used in the ...)
-	{DSA-3072-1 DLA-86-1}
+	{DSA-3074-1 DSA-3072-1 DLA-86-1}
 	- file 1:5.20-2 (bug #768806)
 	NOTE: Upstream fix: https://github.com/file/file/commit/39c7ac1106be844a5296d3eb5971946cc09ffda0
 	- php5 5.6.3+dfsg-1 (bug #768807)
@@ -12546,12 +13190,11 @@
 	- php5 5.6.1+dfsg-1 (unimportant)
 	NOTE: Not exploitable
 	NOTE: https://bugs.php.net/bug.php?id=68088
-CVE-2014-3621 (The catalog url replacement in Keystone before 2013.2.3 and 2014.1 ...)
+CVE-2014-3621 (The catalog url replacement in OpenStack Identity (Keystone) before ...)
 	- keystone 2014.1.3-1
 	[wheezy] - keystone <not-affected> (Vulnerable code not present)
 	NOTE: up to 2013.2.3 and 2014.1 versions up to 2014.1.2.1
-CVE-2014-3620 [libcurl cookie leak for TLDs]
-	RESERVED
+CVE-2014-3620 (cURL and libcurl before 7.38.0 allow remote attackers to bypass the ...)
 	- curl 7.38.0-1
 	[wheezy] - curl <not-affected> (affects versions 7.31.0 and later)
 	[squeeze] - curl <not-affected> (affects versions 7.31.0 and later)
@@ -12582,8 +13225,7 @@
 	- pdns-recursor 3.6.1-1
 	[wheezy] - pdns-recursor <not-affected> (Only affects 3.6.0)
 	[squeeze] - pdns-recursor <not-affected> (Only affects 3.6.0)
-CVE-2014-3613 [libcurl cookie leak with IP address as domain]
-	RESERVED
+CVE-2014-3613 (cURL and libcurl before 7.38.0 does not properly handle IP addresses ...)
 	{DSA-3022-1 DLA-64-1}
 	- curl 7.38.0-1
 	NOTE: http://curl.haxx.se/docs/adv_20140910A.html




More information about the Secure-testing-commits mailing list