[Secure-testing-commits] r29204 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Oct 2 13:47:21 UTC 2014
Author: jmm
Date: 2014-10-02 13:47:21 +0000 (Thu, 02 Oct 2014)
New Revision: 29204
Modified:
data/CVE/list
Log:
bundler no-dsa
python no-dsa (update for 26)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-10-02 12:38:53 UTC (rev 29203)
+++ data/CVE/list 2014-10-02 13:47:21 UTC (rev 29204)
@@ -294,7 +294,11 @@
- bash 4.3-9.2
CVE-2014-7185 [integer overflow in 'buffer' type allows reading memory]
RESERVED
- - python2.7 <unfixed>
+ - python2.6 <removed> (low)
+ [squeeze] - python2.6 <no-dsa> (Minor issue)
+ [wheezy] - python2.6 <no-dsa> (Minor issue)
+ - python2.7 <unfixed> (low)
+ [wheezy] - python2.7 <no-dsa> (Minor issue)
NOTE: http://bugs.python.org/issue21831
NOTE: Upstream fix http://hg.python.org/cpython/rev/8d963c7db507
CVE-2014-7168
@@ -37270,7 +37274,8 @@
- nova 2012.1.1-14 (bug #701773)
CVE-2013-0334 [may install gems from a different source than expected]
RESERVED
- - bundler 1.7.2-1 (bug #762739)
+ - bundler 1.7.2-1 (low; bug #762739)
+ [wheezy] - bundler <no-dsa> (Minor issue)
CVE-2013-0333 (lib/active_support/json/backends/yaml.rb in Ruby on Rails 2.3.x before ...)
{DSA-2613-1}
- rails 2.3.14.1 (bug #699226)
More information about the Secure-testing-commits
mailing list