[Secure-testing-commits] r30379 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Nov 27 09:33:47 UTC 2014
Author: jmm
Date: 2014-11-27 09:33:47 +0000 (Thu, 27 Nov 2014)
New Revision: 30379
Modified:
data/CVE/list
Log:
filed bug for libreoffice, correct fix reference
remove apache2, relies on openssl; will be fixed once openssl is fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-11-27 09:12:20 UTC (rev 30378)
+++ data/CVE/list 2014-11-27 09:33:47 UTC (rev 30379)
@@ -40,10 +40,9 @@
NOTE: https://github.com/teeworlds/teeworlds/commit/a766cb44bcffcdb0b88e776d01c5ee1323d44f85
NOTE: https://www.teeworlds.com/?page=news&id=11200
CVE-2014-9093 [crash importing malformed .rtf]
- - libreoffice <unfixed>
+ - libreoffice <unfixed> (bug #771163)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=86449
- NOTE: http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-4-3
- NOTE: http://cgit.freedesktop.org/libreoffice/core/commit/sd/source/core/stlpool.cxx?id=a784c33fd48eeb3394dc63610e384cf866233093
+ NOTE: http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-4-3&id=b4840d3632e4404bee4bd192a7db916cbad3a401
CVE-2014-9092
- libjpeg-turbo 1:1.3.1-11 (bug #768369)
CVE-2014-9090
@@ -13690,7 +13689,6 @@
{DSA-3053-1 DLA-81-1}
- openssl 1.0.1j-1
CVE-2014-3566 (The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other ...)
- - apache2 2.4.10-6
- arora <unfixed> (unimportant)
- bouncycastle <not-affected> (SSLv3 needs to be explicitly enabled)
NOTE: http://www.kb.cert.org/vuls/id/BLUU-9PYTFQ
More information about the Secure-testing-commits
mailing list