[Secure-testing-commits] r29361 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Fri Oct 10 18:37:39 UTC 2014
Author: jmm
Date: 2014-10-10 18:37:39 +0000 (Fri, 10 Oct 2014)
New Revision: 29361
Modified:
data/CVE/list
Log:
re-add no-dsa for rpcbind
gnome-shell no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-10-10 12:04:44 UTC (rev 29360)
+++ data/CVE/list 2014-10-10 18:37:39 UTC (rev 29361)
@@ -1829,7 +1829,8 @@
RESERVED
CVE-2014-7300 [gnome-shell lockscreen bypass with printscreen key]
RESERVED
- - gnome-shell <unfixed>
+ - gnome-shell <unfixed> (low)
+ [wheezy] - gnome-shell <no-dsa> (Minor issue)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=737456
NOTE: PrtSc is an unauthenticated request that's available to untrusted
NOTE: parties. A series of requests can consume a large amount of memory.
@@ -47383,6 +47384,7 @@
RESERVED
- rpcbind <unfixed> (low)
[squeeze] - rpcbind <no-dsa> (Minor issue)
+ [wheezy] - rpcbind <no-dsa> (Minor issue)
- nfs-utils 1:1.2.5-1 (bug #457095)
NOTE: Upstream git repository of rpcbind: http://git.infradead.org/users/steved/rpcbind.git
NOTE: Based on discussion with upstream there's likely no security hole
More information about the Secure-testing-commits
mailing list