[Secure-testing-commits] r30194 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Thu Nov 20 17:05:14 UTC 2014


Author: jmm
Date: 2014-11-20 17:05:14 +0000 (Thu, 20 Nov 2014)
New Revision: 30194

Modified:
   data/CVE/list
Log:
tinymce no-dsa
fix ruby entry, the version without the distribution needs to be the fix in unstable


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-11-20 16:49:53 UTC (rev 30193)
+++ data/CVE/list	2014-11-20 17:05:14 UTC (rev 30194)
@@ -49006,6 +49006,7 @@
 	NOT-FOR-US: jCore
 CVE-2012-4230 (The bbcode plugin in TinyMCE 3.5.8 does not properly enforce the ...)
 	- tinymce <unfixed> (low)
+	[jessie] - tinymce <no-dsa> (Minor issue)
 	[squeeze] - tinymce <no-dsa> (Minor issue)
 	[wheezy] - tinymce <no-dsa> (Minor issue)
 CVE-2012-4229
@@ -65883,7 +65884,8 @@
 CVE-2011-3010 (Multiple cross-site scripting (XSS) vulnerabilities in TWiki before ...)
 	NOT-FOR-US: Twiki
 CVE-2011-3009 (Ruby before 1.8.6-p114 does not reset the random seed upon forking, ...)
-	- ruby1.8 1.8.7.302-2squeeze2
+	- ruby1.8 1.8.7.352-1
+	[squeeze] - ruby1.8 1.8.7.302-2squeeze2
 CVE-2011-3008 (The default configuration of Avaya Secure Access Link (SAL) Gateway ...)
 	NOT-FOR-US: Avaya Secure Access Link Gateway
 CVE-2008-7298 (The Android browser in Android cannot properly restrict modifications ...)




More information about the Secure-testing-commits mailing list