[Secure-testing-commits] r30418 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Nov 28 20:31:03 UTC 2014
Author: carnil
Date: 2014-11-28 20:31:03 +0000 (Fri, 28 Nov 2014)
New Revision: 30418
Modified:
data/CVE/list
Log:
Add bug referece for libyaml and add note for pyyaml
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-11-28 20:23:54 UTC (rev 30417)
+++ data/CVE/list 2014-11-28 20:31:03 UTC (rev 30418)
@@ -1,8 +1,9 @@
CVE-2014-9130 [denial-of-service/application crash with untrusted yaml input]
- - libyaml <unfixed>
+ - libyaml <unfixed> (bug #771366)
- libyaml-libyaml-perl <unfixed> (bug #771365)
- pyyaml <unfixed>
NOTE: https://bitbucket.org/xi/libyaml/issue/10/wrapped-strings-cause-assert-failure
+ NOTE: for pyyaml: might be need to be removed here (no-CVE assigned) or separate CVE
CVE-2014-9117 [CAPTCHA bypass]
- mantis <unfixed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
More information about the Secure-testing-commits
mailing list