[Secure-testing-commits] r29718 - data/CVE
Holger Levsen
holger at moszumanska.debian.org
Wed Oct 29 13:40:52 UTC 2014
Author: holger
Date: 2014-10-29 13:40:52 +0000 (Wed, 29 Oct 2014)
New Revision: 29718
Modified:
data/CVE/list
Log:
on #debian-security Tanguy Ortolo said dokuwiki was not affected in squeeze
[14:26] < Tanguy> I have just checked CVE-2014-8761 and CVE-2014-8762 against dokuwiki/squeeze, and it appears not to be affected, as the corresponding code was not present in that version.
[14:27] < Tanguy> Could someone indicate that in the security tracker?
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-10-29 13:09:02 UTC (rev 29717)
+++ data/CVE/list 2014-10-29 13:40:52 UTC (rev 29718)
@@ -477,8 +477,10 @@
NOTE: Better fixed at the php5 level: http://git.php.net/?p=php-src.git;a=commitdiff;h=ad1b9eef98df53adefa0c79c02e5dc1f2b928b8c
CVE-2014-8762 (The ajax_mediadiff function in DokuWiki before 2014-05-05a allows ...)
- dokuwiki 0.0.20140505.a+dfsg-1 (bug #766545)
+ [squeeze] - dokuwiki <not-affected> (Vulnerable code not present)
CVE-2014-8761 (inc/template.php in DokuWiki before 2014-05-05a only checks for access ...)
- dokuwiki 0.0.20140505.a+dfsg-1 (bug #766545)
+ [squeeze] - dokuwiki <not-affected> (Vulnerable code not present)
CVE-2014-8760 (ejabberd before 2.1.13 does not enforce the starttls_required setting ...)
- ejabberd <unfixed>
NOTE: http://mail.jabber.org/pipermail/operators/2014-October/002438.html
More information about the Secure-testing-commits
mailing list