[Secure-testing-commits] r30195 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Nov 20 19:31:38 UTC 2014
Author: jmm
Date: 2014-11-20 19:31:38 +0000 (Thu, 20 Nov 2014)
New Revision: 30195
Modified:
data/CVE/list
Log:
libdata-uuid-perl no-dsa
ntp also no-dsa for jessie
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-11-20 17:05:14 UTC (rev 30194)
+++ data/CVE/list 2014-11-20 19:31:38 UTC (rev 30195)
@@ -28403,6 +28403,7 @@
NOT-FOR-US: easyXDM
CVE-2013-5211 (The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 ...)
- ntp <unfixed> (low; bug #733940)
+ [jessie] - ntp <no-dsa> (No backportable code fix exists, default configuration is safe, tiny subsection of affected users can run a backport)
[wheezy] - ntp <no-dsa> (No backportable code fix exists, default configuration is safe, tiny subsection of affected users can run a backport)
[squeeze] - ntp <no-dsa> (No backportable code fix exists, default configuration is safe, tiny subsection of affected users can run a backport)
NOTE: http://bugs.ntp.org/show_bug.cgi?id=1532
@@ -31328,6 +31329,8 @@
CVE-2013-4184 [symlink attacks]
RESERVED
- libdata-uuid-perl <unfixed> (low; bug #718949)
+ [wheezy] - libdata-uuid-perl <no-dsa> (Rendered non-exploitable by kernel hardening)
+ [jessie] - libdata-uuid-perl <no-dsa> (Rendered non-exploitable by kernel hardening)
CVE-2013-4183 (The clear_volume function in LVMVolumeDriver driver in OpenStack ...)
- cinder 2013.1.2-4 (bug #719010)
CVE-2013-4182 (app/controllers/api/v1/hosts_controller.rb in Foreman before 1.2.2 ...)
More information about the Secure-testing-commits
mailing list