[Secure-testing-commits] r29731 - data/CVE

Wed Oct 29 21:14:11 UTC 2014

Author: joeyh
Date: 2014-10-29 21:14:11 +0000 (Wed, 29 Oct 2014)
New Revision: 29731

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2014-10-29 21:13:59 UTC (rev 29730)
+++ data/CVE/list	2014-10-29 21:14:11 UTC (rev 29731)
@@ -478,17 +478,21 @@
 CVE-2014-8293 (Cross-site scripting (XSS) vulnerability in Voice Of Web AllMyGuests ...)
 	NOT-FOR-US: Voice Of Web AllMyGuests
 CVE-2014-8764 (DokuWiki 2014-05-05a and earlier, when using Active Directory for LDAP ...)
+	{DSA-3059-1 DLA-79-1}
 	- dokuwiki 0.0.20140929.a-1 (bug #766545)
 	NOTE: only fixed in Security Hotfix 2014-05-05b
 	NOTE: Better fixed at the php5 level: http://git.php.net/?p=php-src.git;a=commitdiff;h=ad1b9eef98df53adefa0c79c02e5dc1f2b928b8c
 CVE-2014-8763 (DokuWiki before 2014-05-05b, when using Active Directory for LDAP ...)
+	{DSA-3059-1 DLA-79-1}
 	- dokuwiki 0.0.20140929.a-1 (bug #766545)
 	NOTE: only fixed in Security Hotfix 2014-05-05b
 	NOTE: Better fixed at the php5 level: http://git.php.net/?p=php-src.git;a=commitdiff;h=ad1b9eef98df53adefa0c79c02e5dc1f2b928b8c
 CVE-2014-8762 (The ajax_mediadiff function in DokuWiki before 2014-05-05a allows ...)
+	{DSA-3059-1}
 	- dokuwiki 0.0.20140505.a+dfsg-1 (bug #766545)
 	[squeeze] - dokuwiki <not-affected> (Vulnerable code not present)
 CVE-2014-8761 (inc/template.php in DokuWiki before 2014-05-05a only checks for access ...)
+	{DSA-3059-1}
 	- dokuwiki 0.0.20140505.a+dfsg-1 (bug #766545)
 	[squeeze] - dokuwiki <not-affected> (Vulnerable code not present)
 CVE-2014-8760 (ejabberd before 2.1.13 does not enforce the starttls_required setting ...)
@@ -11141,7 +11145,7 @@
 	- jenkins 1.565.3-1 (bug #763899)
 CVE-2014-3660 [libxml2 billion laugh variant]
 	RESERVED
-	{DSA-3057-1}
+	{DSA-3057-1 DLA-80-1}
 	- libxml2 2.9.2+dfsg1-1 (bug #765722)
 	NOTE: https://www.ncsc.nl/actueel/nieuwsberichten/kwetsbaarheid-ontdekt-in-libxml2.html
 	NOTE: https://git.gnome.org/browse/libxml2/commit/?id=be2a7edaf289c5da74a4f9ed3a0b6c733e775230
@@ -11432,7 +11436,7 @@
 	{DLA-71-1}
 	- apache2 2.4.10-3
 	[wheezy] - apache2 <not-affected> (Only affects 2.4)
-        NOTE: https://issues.apache.org/bugzilla/show_bug.cgi?id=56924#c6
+	NOTE: https://issues.apache.org/bugzilla/show_bug.cgi?id=56924#c6
 CVE-2014-3580
 	RESERVED
 CVE-2014-3579
@@ -21392,7 +21396,7 @@
 	- foreman <itp> (bug #663101)
 CVE-2014-0191 [external parameter entity loaded when entity substitution is disabled]
 	RESERVED
-	{DSA-2978-1 DLA-0016-1}
+	{DSA-2978-1 DLA-80-1 DLA-0016-1}
 	- libxml2 2.9.1+dfsg1-4 (bug #747309)
 	[squeeze] - libxml2 2.7.8.dfsg-2+squeeze9
 	NOTE: patch: https://git.gnome.org/browse/libxml2/commit/?id=9cd1c3cfbd32655d60572c0a413e017260c854df


