[Secure-testing-commits] r29434 - data/CVE
Michael Gilbert
mgilbert at moszumanska.debian.org
Thu Oct 16 23:54:10 UTC 2014
Author: mgilbert
Date: 2014-10-16 23:54:10 +0000 (Thu, 16 Oct 2014)
New Revision: 29434
Modified:
data/CVE/list
Log:
cgit entered the archive
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-10-16 21:14:17 UTC (rev 29433)
+++ data/CVE/list 2014-10-16 23:54:10 UTC (rev 29434)
@@ -33961,7 +33961,8 @@
{DSA-2694-1}
- spip 2.1.22-1 (bug #709674)
CVE-2013-2117 (Directory traversal vulnerability in the cgit_parse_readme function in ...)
- - cgit <itp> (bug #515793)
+ - cgit <unfixed>
+ TODO: check
CVE-2013-2116 (The _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in ...)
{DSA-2697-1}
- gnutls26 2.12.23-5 (bug #709301)
@@ -45380,7 +45381,8 @@
CVE-2012-4549 (The processInvocation function in ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server)
CVE-2012-4548 (Argument injection vulnerability in syntax-highlighting.sh in cgit ...)
- - cgit <itp> (bug #515793)
+ - cgit <unfixed>
+ TODO: check
CVE-2012-4547 (Unspecified vulnerability in awredir.pl in AWStats before 7.1 has ...)
- awstats <not-affected>
NOTE: awredir.pl is not installed into the binary package
@@ -45605,7 +45607,8 @@
- ruby1.9.1 1.9.3.194-2 (low; bug #689075)
[squeeze] - ruby1.9.1 <no-dsa> (Minor issue)
CVE-2012-4465 (Heap-based buffer overflow in the substr function in parsing.c in cgit ...)
- - cgit <itp> (bug #515793)
+ - cgit <unfixed>
+ TODO: check
CVE-2012-4464 (Ruby 1.9.3 before patchlevel 286 and 2.0 before revision r37068 allows ...)
- ruby1.9.1 1.9.3.194-2 (low; bug #689075)
[squeeze] - ruby1.9.1 <not-affected> (Introduced in 1.9.3)
More information about the Secure-testing-commits
mailing list