[Secure-testing-commits] r30216 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Nov 21 09:51:10 UTC 2014
Author: carnil
Date: 2014-11-21 09:51:10 +0000 (Fri, 21 Nov 2014)
New Revision: 30216
Modified:
data/CVE/list
Log:
Revert "mark CVE-2014-3916 as unfixed on wheezy+squeeze, the package aint removed there" (as per short IRC discussion)
This reverts commit 57b9c96a1a8721e3d9df9ca07386c6471848160a.
NOTE: As <removed> implies <unfixed> for the suites which still have the
source package this should not be needed. The entries are also marked
(unimportant) due to only exploitable aparently in the Windows build but
source affected? (maybe this needs to be double0checked)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-11-21 09:26:34 UTC (rev 30215)
+++ data/CVE/list 2014-11-21 09:51:10 UTC (rev 30216)
@@ -12541,10 +12541,6 @@
- ruby2.0 <removed> (unimportant)
- ruby1.9.1 <removed> (unimportant)
- ruby1.8 <removed> (unimportant)
- [wheezy] - ruby1.9.1 <unfixed> (unimportant)
- [wheezy] - ruby1.8 <unfixed> (unimportant)
- [squeeze] - ruby1.9.1 <unfixed> (unimportant)
- [squeeze] - ruby1.8 <unfixed> (unimportant)
NOTE: Only exploitable on Windows
CVE-2014-3915 (The userRequest servlet in the Admin Center for Tivoli Storage Manager ...)
NOT-FOR-US: Rocket Servergraph
More information about the Secure-testing-commits
mailing list