[Secure-testing-commits] r29582 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed Oct 22 18:42:14 UTC 2014


Author: carnil
Date: 2014-10-22 18:42:14 +0000 (Wed, 22 Oct 2014)
New Revision: 29582

Modified:
   data/CVE/list
Log:
Add fixed version for zeromq3 issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-10-22 17:39:48 UTC (rev 29581)
+++ data/CVE/list	2014-10-22 18:42:14 UTC (rev 29582)
@@ -2478,14 +2478,12 @@
 	NOTE: http://sourceforge.net/p/ctags/code/791/
 CVE-2014-7203 (libzmq (aka ZeroMQ/C++) 4.0.x before 4.0.5 does not ensure that nonces ...)
 	- zeromq <undetermined>
-	- zeromq3 <unfixed>
+	- zeromq3 4.0.5+dfsg-1
 	NOTE: Code commit: https://github.com/zeromq/libzmq/issues/1191
-	TODO: check
 CVE-2014-7202 (stream_engine.cpp in libzmq (aka ZeroMQ/C++)) 4.0.5 before 4.0.5 ...)
 	- zeromq <undetermined>
-	- zeromq3 <unfixed>
+	- zeromq3 4.0.5+dfsg-1
 	NOTE: Code commit: https://github.com/zeromq/libzmq/issues/1190
-	TODO: check
 CVE-2014-7190 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
 	NOT-FOR-US: Openfiler
 CVE-2014-7189 (crpyto/tls in Go 1.1 before 1.3.2, when SessionTicketsDisabled is ...)




More information about the Secure-testing-commits mailing list