[Secure-testing-commits] r29671 - data/CVE

Joey Hess joeyh at moszumanska.debian.org
Sun Oct 26 21:14:14 UTC 2014 

Author: joeyh
Date: 2014-10-26 21:14:14 +0000 (Sun, 26 Oct 2014)
New Revision: 29671

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-10-26 21:11:18 UTC (rev 29670)
+++ data/CVE/list	2014-10-26 21:14:14 UTC (rev 29671)
@@ -11049,6 +11049,7 @@
 	- jenkins 1.565.3-1 (bug #763899)
 CVE-2014-3660 [libxml2 billion laugh variant]
 	RESERVED
+	{DSA-3057-1}
 	- libxml2 2.9.2+dfsg1-1 (bug #765722)
 	NOTE: https://www.ncsc.nl/actueel/nieuwsberichten/kwetsbaarheid-ontdekt-in-libxml2.html
 	NOTE: https://git.gnome.org/browse/libxml2/commit/?id=be2a7edaf289c5da74a4f9ed3a0b6c733e775230
@@ -11421,7 +11422,7 @@
 	NOTE: http://googleonlinesecurity.blogspot.fr/2014/10/this-poodle-bites-exploiting-ssl-30.html
 	NOTE: This is only about the SSLv3 CBC padding, not about any downgrade attack or support for the fallback SCSV
 	NOTE: Fix is to disable SSLv3 in library or application configurations 
-        NOTE: Browsers based on webkit (with the exception of Chromium) or khtml are not covered by security support
+	NOTE: Browsers based on webkit (with the exception of Chromium) or khtml are not covered by security support
 CVE-2014-3565 (snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is ...)
 	- net-snmp 5.7.2.1~dfsg-7 (bug #760132)
 	[wheezy] - net-snmp <no-dsa> (Minor issue)
@@ -11785,15 +11786,15 @@
 	- openssl 1.0.1h-1 (bug #750665)
 	[squeeze] - openssl 0.9.8o-4squeeze15
 CVE-2014-3469 (The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU ...)
-	{DSA-3056-1}
+	{DSA-3056-1 DLA-77-1}
 	- libtasn1-3 <removed>
 	- libtasn1-6 3.6-1
 CVE-2014-3468 (The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not ...)
-	{DSA-3056-1}
+	{DSA-3056-1 DLA-77-1}
 	- libtasn1-3 <removed>
 	- libtasn1-6 3.6-1
 CVE-2014-3467 (Multiple unspecified vulnerabilities in the DER decoder in GNU ...)
-	{DSA-3056-1}
+	{DSA-3056-1 DLA-77-1}
 	- libtasn1-3 <removed>
 	- libtasn1-6 3.6-1
 CVE-2014-3466 (Buffer overflow in the read_server_hello function in ...)

More information about the Secure-testing-commits mailing list