[Secure-testing-commits] r29434 - data/CVE

Michael Gilbert mgilbert at moszumanska.debian.org
Thu Oct 16 23:54:10 UTC 2014


Author: mgilbert
Date: 2014-10-16 23:54:10 +0000 (Thu, 16 Oct 2014)
New Revision: 29434

Modified:
   data/CVE/list
Log:
cgit entered the archive

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-10-16 21:14:17 UTC (rev 29433)
+++ data/CVE/list	2014-10-16 23:54:10 UTC (rev 29434)
@@ -33961,7 +33961,8 @@
 	{DSA-2694-1}
 	- spip 2.1.22-1 (bug #709674)
 CVE-2013-2117 (Directory traversal vulnerability in the cgit_parse_readme function in ...)
-	- cgit <itp> (bug #515793)
+	- cgit <unfixed>
+	TODO: check
 CVE-2013-2116 (The _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in ...)
 	{DSA-2697-1}
 	- gnutls26 2.12.23-5 (bug #709301)
@@ -45380,7 +45381,8 @@
 CVE-2012-4549 (The processInvocation function in ...)
 	- jbossas4 <not-affected> (Only builds a few libraries, not the full application server)
 CVE-2012-4548 (Argument injection vulnerability in syntax-highlighting.sh in cgit ...)
-	- cgit <itp> (bug #515793)
+	- cgit <unfixed>
+	TODO: check
 CVE-2012-4547 (Unspecified vulnerability in awredir.pl in AWStats before 7.1 has ...)
 	- awstats <not-affected>
 	NOTE: awredir.pl is not installed into the binary package
@@ -45605,7 +45607,8 @@
 	- ruby1.9.1 1.9.3.194-2 (low; bug #689075)
 	[squeeze] - ruby1.9.1 <no-dsa> (Minor issue)
 CVE-2012-4465 (Heap-based buffer overflow in the substr function in parsing.c in cgit ...)
-	- cgit <itp> (bug #515793)
+	- cgit <unfixed>
+	TODO: check
 CVE-2012-4464 (Ruby 1.9.3 before patchlevel 286 and 2.0 before revision r37068 allows ...)
 	- ruby1.9.1 1.9.3.194-2 (low; bug #689075)
 	[squeeze] - ruby1.9.1 <not-affected> (Introduced in 1.9.3)




More information about the Secure-testing-commits mailing list