[Secure-testing-commits] r30452 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Sat Nov 29 22:43:28 UTC 2014
Author: jmm
Date: 2014-11-29 22:43:28 +0000 (Sat, 29 Nov 2014)
New Revision: 30452
Modified:
data/CVE/list
Log:
miniupnpd n/a
trafficserver, librsync no-dsa
filed bug for nagios
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-11-29 21:51:21 UTC (rev 30451)
+++ data/CVE/list 2014-11-29 22:43:28 UTC (rev 30452)
@@ -3032,6 +3032,7 @@
CVE-2014-8242
RESERVED
- librsync <unfixed> (low)
+ [jessie] - librsync <no-dsa> (Minor issue, too instrusive to backport)
[wheezy] - librsync <no-dsa> (Minor issue, too instrusive to backport)
[squeeze] - librsync <no-dsa> (Minor issue, too instrusive to backport)
CVE-2014-8241
@@ -13929,7 +13930,8 @@
CVE-2014-3526
RESERVED
CVE-2014-3525 (Unspecified vulnerability in Apache Traffic Server 3.x through 3.2.5, ...)
- - trafficserver 5.0.1-1
+ - trafficserver 5.0.1-1 (low)
+ [wheezy] - trafficserver <no-dsa> (Minor issue)
CVE-2014-3524 (Apache OpenOffice before 4.1.1 allows remote attackers to execute ...)
NOT-FOR-US: OpenOffice for Windows
CVE-2014-3523 (Memory leak in the winnt_accept function in server/mpm/winnt/child.c ...)
@@ -22523,7 +22525,7 @@
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=686740
NOTE: https://git.gnome.org/browse/gnome-shell/commit/js/ui/screenShield.js?id=209014b083dbe86ed0e0860a6016735571b56f94
CVE-2013-7205 (Off-by-one error in the process_cgivars function in ...)
- - nagios3 <unfixed> (low)
+ - nagios3 <unfixed> (low; bug #771466)
[squeeze] - nagios3 <no-dsa> (Minor issue)
[wheezy] - nagios3 <no-dsa> (Minor issue)
NOTE: additional changed files for nagios3, cf. CVE-2013-7108
@@ -22679,7 +22681,7 @@
CVE-2013-7108 (Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and earlier, ...)
{DSA-2956-1 DLA-60-1}
- icinga 1.10.2-1 (low)
- - nagios3 <unfixed> (low)
+ - nagios3 <unfixed> (low; bug #771466)
[squeeze] - nagios3 <no-dsa> (Minor issue)
[wheezy] - nagios3 <no-dsa> (Minor issue)
NOTE: https://dev.icinga.org/issues/5251
@@ -39344,9 +39346,9 @@
CVE-2013-1463 (Cross-site scripting (XSS) vulnerability in ...)
NOT-FOR-US: WordPress plugin
CVE-2013-1462 (Integer signedness error in the ExecuteSoapAction function in the ...)
- - miniupnpd <unfixed>
+ - miniupnpd <not-affected> (Fixed before initial upload to archive)
CVE-2013-1461 (The ExecuteSoapAction function in the SOAPAction handler in the HTTP ...)
- - miniupnpd <unfixed>
+ - miniupnpd <not-affected> (Fixed before initial upload to archive)
CVE-2013-1460
RESERVED
CVE-2013-1459
More information about the Secure-testing-commits
mailing list