[Secure-testing-commits] r28533 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Mon Sep 1 05:05:28 UTC 2014


Author: carnil
Date: 2014-09-01 05:05:28 +0000 (Mon, 01 Sep 2014)
New Revision: 28533

Modified:
   data/CVE/list
Log:
Revert "Simulate update run"

This reverts commit 12fb06c18fc4ebc75d941dcd795bd2ad271d99b5.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-09-01 04:55:15 UTC (rev 28532)
+++ data/CVE/list	2014-09-01 05:05:28 UTC (rev 28533)
@@ -496,11 +496,11 @@
 	[wheezy] - libav <not-affected> (Vulnerable code not present)
 	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=52b81ff4635c077b2bc8b8d3637d933b6629d803
 CVE-2014-5262 (SQL injection vulnerability in the graph settings script ...)
-	{DSA-3007-1 DLA-40-1}
+	{DSA-3007-1}
 	- cacti 0.8.8b+dfsg-8
 	NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7454
 CVE-2014-5261 (The graph settings script (graph_settings.php) in Cacti 0.8.8b and ...)
-	{DSA-3007-1 DLA-40-1}
+	{DSA-3007-1}
 	- cacti 0.8.8b+dfsg-8
 	NOTE: http://svn.cacti.net/viewvc?view=rev&revision=7454
 CVE-2014-XXXX [unspecific error when handling MyISAM temporary files can be exploited to execute arbitrary code]
@@ -801,17 +801,17 @@
 	[squeeze] - wireshark <not-affected> (Vulnerable code not present)
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2014-10.html
 CVE-2014-5163 (The APN decode functionality in (1) epan/dissectors/packet-gtp.c and ...)
-	{DSA-3002-1 DLA-38-1}
+	{DSA-3002-1}
 	- wireshark 1.12.0+git+4fab41a1-1
 	[squeeze] - wireshark 1.2.11-6+squeeze15
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2014-09.html
 CVE-2014-5162 (The read_new_line function in wiretap/catapult_dct2000.c in the ...)
-	{DSA-3002-1 DLA-38-1}
+	{DSA-3002-1}
 	- wireshark 1.12.0+git+4fab41a1-1
 	[squeeze] - wireshark 1.2.11-6+squeeze15
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2014-08.html
 CVE-2014-5161 (The dissect_log function in plugins/irda/packet-irda.c in the IrDA ...)
-	{DSA-3002-1 DLA-38-1}
+	{DSA-3002-1}
 	- wireshark 1.12.0+git+4fab41a1-1
 	[squeeze] - wireshark 1.2.11-6+squeeze15
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2014-08.html
@@ -1059,7 +1059,7 @@
 	RESERVED
 	NOT-FOR-US: tboot
 CVE-2014-5117 (Tor before 0.2.4.23 and 0.2.5 before 0.2.5.6-alpha maintains a circuit ...)
-	{DSA-2993-1 DLA-17-1}
+	{DSA-2993-1}
 	- tor 0.2.4.23-1
 	[squeeze] - tor 0.2.4.23-1~deb6u1
 CVE-2014-5116 (The cairo_image_surface_get_data function in Cairo 1.10.2, as used in ...)
@@ -1156,17 +1156,17 @@
 	NOTE: CVE request http://www.openwall.com/lists/oss-security/2014/07/22/6
 	NOTE: Only supported behind an authenticated HTTP zone
 CVE-2014-5031 (The web interface in CUPS before 2.0 does not check that files have ...)
-	{DSA-2990-1 DLA-0022-1}
+	{DSA-2990-1}
 	- cups 1.7.4-2
 	[squeeze] - cups 1.4.4-7+squeeze6
 	NOTE: https://cups.org/str.php?L4455
 CVE-2014-5030 (CUPS before 2.0 allows local users to read arbitrary files via a ...)
-	{DSA-2990-1 DLA-0022-1}
+	{DSA-2990-1}
 	- cups 1.7.4-2
 	[squeeze] - cups 1.4.4-7+squeeze6
 	NOTE: https://cups.org/str.php?L4455
 CVE-2014-5029 (The web interface in CUPS 1.7.4 allows local users in the lp group to ...)
-	{DSA-2990-1 DLA-0022-1}
+	{DSA-2990-1}
 	- cups 1.7.4-2
 	[squeeze] - cups 1.4.4-7+squeeze6
 	NOTE: https://cups.org/str.php?L4455
@@ -1177,12 +1177,12 @@
 	- reviewboard <itp> (bug #653113)
 CVE-2014-5026 [XSS vulnerability]
 	RESERVED
-	{DSA-3007-1 DLA-40-1}
+	{DSA-3007-1}
 	- cacti 0.8.8b+dfsg-7
 	NOTE: http://bugs.cacti.net/view.php?id=2456
 CVE-2014-5025 [XSS vulnerability]
 	RESERVED
-	{DSA-3007-1 DLA-40-1}
+	{DSA-3007-1}
 	- cacti 0.8.8b+dfsg-7
 	NOTE: http://bugs.cacti.net/view.php?id=2456
 CVE-2014-5024 (Cross-site scripting (XSS) vulnerability in sgms/panelManager in Dell ...)
@@ -1849,7 +1849,7 @@
 	NOTE: http://framework.zend.com/security/advisory/ZF2014-03
 	TODO: check
 CVE-2014-4911 (The ssl_decrypt_buf function in library/ssl_tls.c in PolarSSL before ...)
-	{DSA-2981-1 DLA-36-1}
+	{DSA-2981-1}
 	- polarssl 1.3.7-2.1 (bug #754655)
 	[squeeze] - polarssl 1.2.9-1~deb6u2
 	NOTE: https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-02
@@ -1925,7 +1925,7 @@
 CVE-2014-4700 (Citrix XenDesktop 7.x, 5.x, and 4.x, when pooled random desktop groups ...)
 	NOT-FOR-US: Citrix XenDesktop
 CVE-2014-4699 (The Linux kernel before 3.15.4 on Intel processors does not properly ...)
-	{DSA-2972-1 DLA-0015-1}
+	{DSA-2972-1}
 	- linux 3.14.10-1
 	- linux-2.6 <removed>
 	[squeeze] - linux-2.6 2.6.32-48squeeze8
@@ -2022,7 +2022,7 @@
 CVE-2012-6649
 	RESERVED
 CVE-2014-4721 (The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 ...)
-	{DSA-2974-1 DLA-0018-1}
+	{DSA-2974-1}
 	- php5 5.6.0~rc1+dfsg-2 (low)
 	[squeeze] - php5 5.3.3-7+squeeze21
 	NOTE: https://bugs.php.net/bug.php?id=67498
@@ -2031,13 +2031,12 @@
 	- cherokee <removed> (low)
 	[squeeze] - cherokee <no-dsa> (Minor issue)
 CVE-2014-4667 (The sctp_association_free function in net/sctp/associola.c in the ...)
-	{DSA-2992-1 DLA-0015-1}
+	{DSA-2992-1}
 	- linux 3.14.9-1
 	- linux-2.6 <removed>
 	[squeeze] - linux-2.6 2.6.32-48squeeze8
 	NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d3217b15a19a4779c39b212358a5c71d725822ee (v3.16-rc1)
 CVE-2014-4656 (Multiple integer overflows in sound/core/control.c in the ALSA control ...)
-	{DLA-0015-1}
 	- linux 3.14.9-1
 	[wheezy] - linux 3.2.60-1
 	- linux-2.6 <removed>
@@ -2055,7 +2054,6 @@
 	[wheezy] - linux 3.2.60-1
 	- linux-2.6 <removed>
 CVE-2014-4652 (Race condition in the tlv handler functionality in the ...)
-	{DLA-0015-1}
 	- linux 3.14.9-1 (low)
 	[wheezy] - linux 3.2.60-1
 	- linux-2.6 <removed> (low)
@@ -2177,7 +2175,7 @@
 	NOTE: Not exploitable with the block sizes used in kernel images
 CVE-2014-4607
 	RESERVED
-	{DSA-2995-1 DLA-35-1}
+	{DSA-2995-1}
 	- lzo <removed>
 	- lzo2 2.08-1 (bug #752861)
 CVE-2014-4606 (Cross-site scripting (XSS) vulnerability in redirect_to_zeenshare.php ...)
@@ -2381,7 +2379,7 @@
 CVE-2014-4505 (Cross-site scripting (XSS) vulnerability in the Easy Breadcrumb module ...)
 	NOT-FOR-US: Drupal module Easy Breadcrumb
 CVE-2014-4617 (The do_uncompress function in g10/compress.c in GnuPG 1.x before ...)
-	{DSA-2968-1 DSA-2967-1 DLA-0012-1}
+	{DSA-2968-1 DSA-2967-1}
 	- gnupg 1.4.16-1.2 (bug #752497)
 	[squeeze] - gnupg 1.4.10-4+squeeze5
 	- gnupg2 2.0.24-1 (bug #752498)
@@ -2742,28 +2740,28 @@
 CVE-2014-4346 (Cross-site scripting (XSS) vulnerability in administration user ...)
 	NOT-FOR-US: Citrix NetScaler Application Delivery Controller
 CVE-2014-4345 (Off-by-one error in the krb5_encode_krbsecretkey function in ...)
-	{DSA-3000-1 DLA-37-1}
+	{DSA-3000-1}
 	- krb5 1.12.1+dfsg-7 (bug #757416)
 	[squeeze] - krb5 1.8.3+dfsg-4squeeze8
 	NOTE: https://github.com/krb5/krb5/commit/81c332e29f10887c6b9deb065f81ba259f4c7e03
 	NOTE: http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2014-001.txt
 CVE-2014-4344 (The acc_ctx_cont function in the SPNEGO acceptor in ...)
-	{DSA-3000-1 DLA-37-1}
+	{DSA-3000-1}
 	- krb5 1.12.1+dfsg-5 (bug #755521)
 	[squeeze] - krb5 1.8.3+dfsg-4squeeze8
 	NOTE: https://github.com/krb5/krb5/commit/524688ce87a15fc75f87efc8c039ba4c7d5c197b
 CVE-2014-4343 (Double free vulnerability in the init_ctx_reselect function in the ...)
-	{DSA-3000-1 DLA-37-1}
+	{DSA-3000-1}
 	- krb5 1.12.1+dfsg-5 (bug #755520)
 	[squeeze] - krb5 1.8.3+dfsg-4squeeze8
 	NOTE: https://github.com/krb5/krb5/commit/f18ddf5d82de0ab7591a36e465bc24225776940f
 CVE-2014-4342 (MIT Kerberos 5 (aka krb5) 1.7.x through 1.12.x before 1.12.2 allows ...)
-	{DSA-3000-1 DLA-37-1}
+	{DSA-3000-1}
 	- krb5 1.12.1+dfsg-4 (bug #753625)
 	[squeeze] - krb5 1.8.3+dfsg-4squeeze8
 	NOTE: https://github.com/krb5/krb5/commit/fb99962cbd063ac04c9a9d2cc7c75eab73f3533d
 CVE-2014-4341 (MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to ...)
-	{DSA-3000-1 DLA-37-1}
+	{DSA-3000-1}
 	- krb5 1.12.1+dfsg-4 (bug #753624)
 	[squeeze] - krb5 1.8.3+dfsg-4squeeze8
 	NOTE: https://github.com/krb5/krb5/commit/fb99962cbd063ac04c9a9d2cc7c75eab73f3533d
@@ -3481,7 +3479,7 @@
 	[wheezy] - linux 3.2.60-1
 	- linux-2.6 <not-affected> (squeeze-lts only covers x86)
 CVE-2014-4049 (Heap-based buffer overflow in the php_parserr function in ...)
-	{DSA-2961-1 DLA-0010-1}
+	{DSA-2961-1}
 	- php5 5.6.0~beta4+dfsg-3 (bug #751364)
 	[squeeze] - php5 5.3.3-7+squeeze20
 	NOTE: https://github.com/php/php-src/commit/b34d7849ed90ced9345f8ea1c59bc8d101c18468
@@ -3583,7 +3581,6 @@
 	NOTE: Fairly pointless CVE assignment...
 CVE-2014-4150 [Insecure use of temporary file]
 	RESERVED
-	{DLA-0006-1}
 	- scheme48 1.9-4 (bug #748766)
 	[wheezy] - scheme48 1.8+dfsg-1+deb7u1
 	[squeeze] - scheme48 1.8+dfsg-1+deb6u1
@@ -3954,7 +3951,6 @@
 	- typo3-src 4.5.34+dfsg1-1 (bug #749215)
 	[squeeze] - typo3-src <end-of-life> (Unsupported in squeeze-lts)
 CVE-2014-3917 (kernel/auditsc.c in the Linux kernel through 3.14.5, when ...)
-	{DLA-0015-1}
 	- linux 3.14.7-1
 	[wheezy] - linux 3.2.60-1
 	- linux-2.6 <removed>
@@ -4485,7 +4481,7 @@
 	RESERVED
 	- foreman <itp> (bug #663101)
 CVE-2014-3589 (PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow ...)
-	{DSA-3009-1 DLA-41-1}
+	{DSA-3009-1}
 	- pillow 2.5.3-1 (bug #758772)
 	- python-imaging <removed>
 	[squeeze] - python-imaging 1.1.7-2+deb6u1
@@ -4547,7 +4543,7 @@
 	RESERVED
 CVE-2014-3564 [heap-based buffer overflow in gpgsm status handler]
 	RESERVED
-	{DSA-3005-1 DLA-39-1}
+	{DSA-3005-1}
 	- gpgme1.0 1.5.1-1 (bug #756651)
 	[squeeze] - gpgme1.0 1.2.0-1.2+deb6u1
 	NOTE: patch: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gpgme.git;a=commit;h=2cbd76f7911fc215845e89b50d6af5ff4a83dd77
@@ -4640,7 +4636,7 @@
 	- php5 5.6.0~rc4+dfsg-1
 	NOTE: https://bugs.php.net/bug.php?id=67705
 CVE-2014-3537 (The web interface in CUPS before 1.7.4 allows local users in the lp ...)
-	{DSA-2990-1 DLA-0022-1}
+	{DSA-2990-1}
 	- cups 1.7.4-1
 	[squeeze] - cups 1.4.4-7+squeeze6
 	NOTE: https://www.cups.org/str.php?L4450
@@ -4707,7 +4703,7 @@
 CVE-2014-3516
 	RESERVED
 CVE-2014-3515 (The SPL component in PHP before 5.4.30 and 5.5.x before 5.5.14 ...)
-	{DSA-2974-1 DLA-0018-1}
+	{DSA-2974-1}
 	- php5 5.6.0~rc2+dfsg-1
 	[squeeze] - php5 5.3.3-7+squeeze21
 	NOTE: https://bugs.php.net/bug.php?id=67492
@@ -4729,23 +4725,23 @@
 	- openssl 1.0.1i-1
 	[squeeze] - openssl <not-affected> (Doesn't support TLS higher than 1.0)
 CVE-2014-3510 (The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL ...)
-	{DSA-2998-1 DLA-33-1}
+	{DSA-2998-1}
 	- openssl 1.0.1i-1
 CVE-2014-3509 (Race condition in the ssl_parse_serverhello_tlsext function in ...)
 	{DSA-2998-1}
 	- openssl 1.0.1i-1
 	[squeeze] - openssl <not-affected> (vulnerable code not present)
 CVE-2014-3508 (The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 ...)
-	{DSA-2998-1 DLA-33-1}
+	{DSA-2998-1}
 	- openssl 1.0.1i-1
 CVE-2014-3507 (Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 ...)
-	{DSA-2998-1 DLA-33-1}
+	{DSA-2998-1}
 	- openssl 1.0.1i-1
 CVE-2014-3506 (d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, ...)
-	{DSA-2998-1 DLA-33-1}
+	{DSA-2998-1}
 	- openssl 1.0.1i-1
 CVE-2014-3505 (Double free vulnerability in d1_both.c in the DTLS implementation in ...)
-	{DSA-2998-1 DLA-33-1}
+	{DSA-2998-1}
 	- openssl 1.0.1i-1
 CVE-2014-3504 (The (1) serf_ssl_cert_issuer, (2) serf_ssl_cert_subject, and (3) ...)
 	- serf 1.3.7-1 (bug #757965)
@@ -4801,7 +4797,7 @@
 	- netty <not-affected> (Introduced in 3.9.0)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1107983 says only affects 3.9.0 and 3.9.1
 CVE-2014-3487 (The cdf_read_property_info function in file before 5.19, as used in ...)
-	{DSA-2974-1 DLA-27-1}
+	{DSA-2974-1}
 	- file 1:5.19-1
 	[squeeze] - file 5.04-5+squeeze6
 	NOTE: https://github.com/file/file/commit/93e063ee374b6a75729df9e7201fb511e47e259d
@@ -4836,7 +4832,7 @@
 CVE-2014-3481 (org.jboss.as.jaxrs.deployment.JaxrsIntegrationProcessor in Red Hat ...)
 	- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
 CVE-2014-3480 (The cdf_count_chain function in cdf.c in file before 5.19, as used in ...)
-	{DSA-2974-1 DLA-27-1 DLA-0018-1}
+	{DSA-2974-1}
 	- file 1:5.19-1
 	[squeeze] - file 5.04-5+squeeze6
 	NOTE: https://github.com/file/file/commit/40bade80cbe2af1d0b2cd0420cebd5d5905a2382
@@ -4844,7 +4840,7 @@
 	[squeeze] - php5 5.3.3-7+squeeze21
 	NOTE: http://bugs.php.net/bug.php?id=67412
 CVE-2014-3479 (The cdf_check_stream_offset function in cdf.c in file before 5.19, as ...)
-	{DSA-2974-1 DLA-27-1}
+	{DSA-2974-1}
 	- file 1:5.19-1
 	[squeeze] - file 5.04-5+squeeze6
 	NOTE: https://github.com/file/file/commit/36fadd29849b8087af9f4586f89dbf74ea45be67
@@ -4852,7 +4848,7 @@
 	[squeeze] - php5 <not-affected> (Vulnerable code was introduced later)
 	NOTE: https://bugs.php.net/bug.php?id=67411
 CVE-2014-3478 (Buffer overflow in the mconvert function in softmagic.c in file before ...)
-	{DSA-2974-1 DLA-27-1}
+	{DSA-2974-1}
 	- file 1:5.19-1
 	[squeeze] - file 5.04-5+squeeze6
 	NOTE: https://github.com/file/file/commit/27a14bc7ba285a0a5ebfdb55e54001aa11932b08
@@ -4887,7 +4883,7 @@
 	- qemu-kvm <removed>
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2014-06/msg05283.html
 CVE-2014-3470 (The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL ...)
-	{DSA-2950-1 DLA-0003-1}
+	{DSA-2950-1}
 	- openssl 1.0.1h-1 (bug #750665)
 	[squeeze] - openssl 0.9.8o-4squeeze15
 CVE-2014-3469 (The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU ...)
@@ -4900,7 +4896,7 @@
 	- libtasn1-3 <removed>
 	- libtasn1-6 3.6-1
 CVE-2014-3466 (Buffer overflow in the read_server_hello function in ...)
-	{DSA-2944-1 DLA-0001-1}
+	{DSA-2944-1}
 	- gnutls26 2.12.23-16
 	- gnutls28 3.2.15-1
 	[squeeze] - gnutls26 2.8.6-1+squeeze4
@@ -5516,7 +5512,7 @@
 CVE-2013-7375 (SQL injection vulnerability in includes/classes/Authenticate.class.php ...)
 	NOT-FOR-US: PHP-Fusion
 CVE-2014-3145 (The BPF_S_ANC_NLATTR_NEST extension implementation in the ...)
-	{DSA-2949-1 DLA-0015-1}
+	{DSA-2949-1}
 	- linux 3.14.4-1
 	- linux-2.6 <removed>
 	[squeeze] - linux-2.6 2.6.32-48squeeze8
@@ -5524,7 +5520,7 @@
 	NOTE: Introduced by https://git.kernel.org/linus/4738c1db1593687713869fa69e733eebc7b0d6d8
 	NOTE: https://git.kernel.org/linus/d214c7537bbf2f247991fb65b3420b0b3d712c67
 CVE-2014-3144 (The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension ...)
-	{DSA-2949-1 DLA-0015-1}
+	{DSA-2949-1}
 	- linux 3.14.4-1
 	- linux-2.6 <removed>
 	[squeeze] - linux-2.6 2.6.32-48squeeze8
@@ -5532,7 +5528,7 @@
 	NOTE: Introduced by https://git.kernel.org/linus/4738c1db1593687713869fa69e733eebc7b0d6d8
 	NOTE: https://git.kernel.org/linus/d214c7537bbf2f247991fb65b3420b0b3d712c67
 CVE-2014-3430 (Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x ...)
-	{DSA-2954-1 DLA-0004-1}
+	{DSA-2954-1}
 	- dovecot 1:2.2.13~rc1-1 (low; bug #747549)
 	[squeeze] - dovecot 1:1.2.15-7+deb6u1
 	NOTE: http://permalink.gmane.org/gmane.mail.imap.dovecot/77499
@@ -5733,7 +5729,7 @@
 	- chromium-browser 35.0.1916.153-1
 	[squeeze] - chromium-browser <end-of-life>
 CVE-2014-3153 (The futex_requeue function in kernel/futex.c in the Linux kernel ...)
-	{DSA-2949-1 DLA-0007-1}
+	{DSA-2949-1}
 	- linux 3.14.5-1
 	- linux-2.6 <removed>
 	[squeeze] - linux-2.6 2.6.32-48squeeze7
@@ -5757,7 +5753,7 @@
 CVE-2014-3147
 	RESERVED
 CVE-2014-3146 (Incomplete blacklist vulnerability in the lxml.html.clean module in ...)
-	{DSA-2941-1 DLA-0009-1}
+	{DSA-2941-1}
 	- lxml 3.3.5-1 (bug #746812)
 	[squeeze] - lxml 2.2.8-2+deb6u1
 	NOTE: http://lxml.de/3.3/changes-3.3.5.html
@@ -6120,7 +6116,7 @@
 CVE-2011-5279 (CRLF injection vulnerability in the CGI implementation in Microsoft ...)
 	NOT-FOR-US: Microsoft IIS
 CVE-2014-3122 (The try_to_unmap_cluster function in mm/rmap.c in the Linux kernel ...)
-	{DSA-2926-1 DLA-0015-1}
+	{DSA-2926-1}
 	- linux 3.14.4-1 (bug #747326)
 	- linux-2.6 <removed>
 	[squeeze] - linux-2.6 2.6.32-48squeeze8
@@ -7017,7 +7013,6 @@
 	[wheezy] - zendframework <no-dsa> (Minor issue)
 	NOTE: http://framework.zend.com/security/advisory/ZF2014-01
 CVE-2014-2678 (The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel ...)
-	{DLA-0015-1}
 	- linux 3.13.10-1
 	[wheezy] - linux 3.2.57-1
 	- linux-2.6 <removed>
@@ -9243,7 +9238,7 @@
 CVE-2014-1829
 	RESERVED
 CVE-2014-1912 (Buffer overflow in the socket.recvfrom_into function in ...)
-	{DSA-2880-1 DLA-25-1}
+	{DSA-2880-1}
 	- python2.5 <removed> (low)
 	- python2.6 <removed> (low)
 	[wheezy] - python2.6 <no-dsa> (Minor issue)
@@ -10171,7 +10166,7 @@
 	- bugzilla <removed>
 	NOTE: bugzilla part for Adobe Flash's CVE-2014-4671.
 CVE-2014-1545 (Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote ...)
-	{DSA-2962-1 DSA-2960-1 DSA-2955-1 DLA-32-1}
+	{DSA-2962-1 DSA-2960-1 DSA-2955-1}
 	- nspr 2:4.10.6-1
 	- iceweasel 30.0-1
 	- icedove 31.0~b1-1
@@ -10414,13 +10409,13 @@
 	[squeeze] - iceweasel <end-of-life>
 	[squeeze] - icedove <end-of-life>
 CVE-2014-1492 (The cert_TestHostName function in lib/certdb/certdb.c in the ...)
-	{DSA-2994-1 DLA-23-1}
+	{DSA-2994-1}
 	- nss 2:3.16-1
 	[squeeze] - nss 3.12.8-1+squeeze8
 	- iceweasel <not-affected> (Only affects Firefox 28)
 	- icedove <not-affected> (Only affects Firefox 28)
 CVE-2014-1491 (Mozilla Network Security Services (NSS) before 3.15.4, as used in ...)
-	{DSA-2994-1 DSA-2858-1 DLA-23-1}
+	{DSA-2994-1 DSA-2858-1}
 	- iceweasel 24.3.0esr-1
 	- icedove 24.3.0-1
 	- nss 2:3.15.4-1
@@ -10677,7 +10672,7 @@
 CVE-2014-1420
 	RESERVED
 CVE-2014-1419 (Race condition in the power policy functions in policy-funcs in ...)
-	{DSA-2984-1 DLA-30-1}
+	{DSA-2984-1}
 	- acpi-support 0.142-2
 CVE-2014-1418 (Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 ...)
 	{DSA-2934-1}
@@ -10754,7 +10749,6 @@
 	[wheezy] - linux 3.2.53-1
 	NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=96b340406724d87e4621284ebac5e059d67b2194
 CVE-2014-1438 (The restore_fpu_checking function in ...)
-	{DLA-0007-1}
 	- linux 3.12.8-1 (bug #733551)
 	- linux-2.6 <removed>
 	[wheezy] - linux 3.2.54-1
@@ -12555,20 +12549,20 @@
 	{DSA-3010-1}
 	- python-django 1.6.6-1
 CVE-2014-0479 (reportbug before 6.4.4+deb7u1 and 6.5.x before 6.5.0+nmu1 allows ...)
-	{DSA-2997-1 DLA-31-1}
+	{DSA-2997-1}
 	- reportbug 6.5.0+nmu1
 	[squeeze] - reportbug 4.12.6+deb6u1
 CVE-2014-0478 (APT before 1.0.4 does not properly validate source packages, which ...)
-	{DSA-2958-1 DLA-0005-1}
+	{DSA-2958-1}
 	- apt 1.0.4 (bug #749795)
 	[squeeze] - apt 0.8.10.3+squeeze2
 CVE-2014-0477 (The parse function in Email::Address module before 1.905 for Perl uses ...)
-	{DSA-2969-1 DLA-0011-1}
+	{DSA-2969-1}
 	- libemail-address-perl 1.905-1
 	[squeeze] - libemail-address-perl 1.889-2+deb6u1
 CVE-2014-0476
 	RESERVED
-	{DSA-2945-1 DLA-0002-1}
+	{DSA-2945-1}
 	- chkrootkit 0.49-5
 	[squeeze] - chkrootkit 0.49-4+deb6u1
 CVE-2014-0475 (Multiple directory traversal vulnerabilities in GNU C Library (aka ...)
@@ -12635,12 +12629,12 @@
 CVE-2013-7178
 	RESERVED
 CVE-2013-7177 (config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban ...)
-	{DSA-2979-1 DLA-0021-1}
+	{DSA-2979-1}
 	- fail2ban 0.8.11-1
 	[squeeze] - fail2ban 0.8.4-3+squeeze3
 	NOTE: https://github.com/fail2ban/fail2ban/commit/bd175f026737d66e7110868fb50b3760ff75e087
 CVE-2013-7176 (config/filter.d/postfix.conf in the postfix filter in Fail2ban before ...)
-	{DSA-2979-1 DLA-0021-1}
+	{DSA-2979-1}
 	- fail2ban 0.8.11-1
 	[squeeze] - fail2ban 0.8.4-3+squeeze3
 CVE-2013-7175 (Multiple SQL injection vulnerabilities in Avanset Visual CertExam ...)
@@ -13991,7 +13985,7 @@
 	[wheezy] - samba <not-affected> (AD feature not present)
 	NOTE: AD-related packages removed from src:samba4 in 4.0.0~beta2+dfsg1-3.2+deb7u2
 CVE-2014-0238 (The cdf_read_property_info function in cdf.c in the Fileinfo component ...)
-	{DSA-2943-1 DLA-27-1}
+	{DSA-2943-1}
 	- file 1:5.19-1
 	[squeeze] - file 5.04-5+squeeze6
 	NOTE: https://github.com/file/file/commit/f97486ef5dc3e8735440edc4fc8808c63e1a3ef0
@@ -13999,7 +13993,7 @@
 	[squeeze] - php5 <no-dsa> (Minor issue, can be fixed along with a future DSA)
 	NOTE: https://bugs.php.net/bug.php?id=67327
 CVE-2014-0237 (The cdf_unpack_summary_info function in cdf.c in the Fileinfo ...)
-	{DSA-2943-1 DLA-27-1}
+	{DSA-2943-1}
 	- file 1:5.19-1
 	[squeeze] - file 5.04-5+squeeze6
 	NOTE: https://github.com/file/file/commit/b8acc83781d5a24cc5101e525d15efe0482c280d
@@ -14047,7 +14041,7 @@
 	[squeeze] - libspring-java <no-dsa> (Minor issue)
 	[wheezy] - libspring-java <no-dsa> (Minor issue)
 CVE-2014-0224 (OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h ...)
-	{DSA-2950-1 DLA-0008-1 DLA-0003-1}
+	{DSA-2950-1}
 	- openssl 1.0.1h-1 (bug #750665)
 	[squeeze] - openssl 0.9.8o-4squeeze15
 CVE-2014-0223 [qcow1: Validate image size]
@@ -14065,7 +14059,7 @@
 	[squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02155.html
 CVE-2014-0221 (The dtls1_get_message_fragment function in d1_both.c in OpenSSL before ...)
-	{DSA-2950-1 DLA-0003-1}
+	{DSA-2950-1}
 	- openssl 1.0.1h-1 (bug #750665)
 	[squeeze] - openssl 0.9.8o-4squeeze15
 CVE-2014-0220 (Cloudera Manager before 4.8.3 and 5.x before 5.0.1 allows remote ...)
@@ -14113,7 +14107,7 @@
 	RESERVED
 	- foreman <itp> (bug #663101)
 CVE-2014-0207 (The cdf_read_short_sector function in cdf.c in file before 5.19, as ...)
-	{DSA-2974-1 DLA-27-1 DLA-0018-1}
+	{DSA-2974-1}
 	- file 1:5.19-1
 	[squeeze] - file 5.04-5+squeeze6
 	NOTE: fixed as part of https://github.com/file/file/commit/6d209c1c489457397a5763bca4b28e43aac90391#diff-0
@@ -14133,7 +14127,6 @@
 	- keystone 2014.1-5 (bug #749026)
 	[wheezy] - keystone <not-affected>
 CVE-2014-0203 (The __do_follow_link function in fs/namei.c in the Linux kernel before ...)
-	{DLA-0015-1}
 	- linux 2.6.33-1
 	- linux-2.6 2.6.37-1
 	[squeeze] - linux-2.6 2.6.32-48squeeze8
@@ -14159,7 +14152,7 @@
 	- linux-2.6 <removed>
 	NOTE: PoC: http://pastebin.com/yTSFUBgZ
 CVE-2014-0195 (The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before ...)
-	{DSA-2950-1 DLA-0003-1}
+	{DSA-2950-1}
 	- openssl 1.0.1h-1 (bug #750665)
 	[squeeze] - openssl 0.9.8o-4squeeze15
 CVE-2014-0194
@@ -14170,7 +14163,7 @@
 	- foreman <itp> (bug #663101)
 CVE-2014-0191 [external parameter entity loaded when entity substitution is disabled]
 	RESERVED
-	{DSA-2978-1 DLA-0016-1}
+	{DSA-2978-1}
 	- libxml2 2.9.1+dfsg1-4 (bug #747309)
 	[squeeze] - libxml2 2.7.8.dfsg-2+squeeze9
 	NOTE: patch: https://git.gnome.org/browse/libxml2/commit/?id=9cd1c3cfbd32655d60572c0a413e017260c854df
@@ -14591,7 +14584,7 @@
 	NOTE: seems introduced in https://github.com/torvalds/linux/commit/8dd014adfea6f173c1ef6378f7e5e7924866c923
 	NOTE: qemu is built with support for vhost_net, module loaded post-wheezy when linux < 3.4 but root:root 0600
 CVE-2014-0076 (The Montgomery ladder implementation in OpenSSL through 1.0.0l does ...)
-	{DSA-2908-1 DLA-0003-1}
+	{DSA-2908-1}
 	- openssl 1.0.1g-1 (low; bug #742923)
 	[squeeze] - openssl 0.9.8o-4squeeze15
 	NOTE: http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=f9b6c0ba4c02497782f801e3c45688f3efaac55c
@@ -14622,7 +14615,7 @@
 	RESERVED
 	NOT-FOR-US: OpenShift
 CVE-2014-0067 (The "make check" command for the test suites in PostgreSQL 9.3.3 and ...)
-	{DSA-2865-1 DSA-2864-1 DLA-0019-1}
+	{DSA-2865-1 DSA-2864-1}
 	- postgresql-9.1 9.1.11-2
 	- postgresql-8.4 <removed>
 	[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl)
@@ -16253,7 +16246,6 @@
 	- unrealircd <itp> (bug #515130)
 	NOTE: http://forums.unrealircd.com/viewtopic.php?f=2&t=8221
 CVE-2013-6412 (The transform_save function in transform.c in Augeas 1.0.0 through ...)
-	{DLA-28-1}
 	- augeas <unfixed> (bug #731111)
 	[wheezy] - augeas <not-affected> (Affected patch not present/applied)
 	[squeeze] - augeas <not-affected> (Affected patch not present/applied)
@@ -16441,7 +16433,7 @@
 CVE-2013-6360
 	RESERVED
 CVE-2013-6359 (Munin::Master::Node in Munin before 2.0.18 allows remote attackers to ...)
-	{DSA-2815-1 DLA-20-1}
+	{DSA-2815-1}
 	- munin 2.0.18-1
 	[squeeze] - munin 1.4.5-3+deb6u1
 	NOTE: http://munin-monitoring.org/ticket/1397
@@ -17143,7 +17135,7 @@
 	[squeeze] - apt-listbugs <no-dsa> (Minor issue)
 	[wheezy] - apt-listbugs 0.1.8+deb7u1
 CVE-2013-6048 (The get_group_tree function in lib/Munin/Master/HTMLConfig.pm in Munin ...)
-	{DSA-2815-1 DLA-20-1}
+	{DSA-2815-1}
 	- munin 2.0.18-1
 	[squeeze] - munin 1.4.5-3+deb6u1
 CVE-2013-6047 (Multiple cross-site scripting (XSS) vulnerabilities in the site ...)
@@ -17974,7 +17966,7 @@
 CVE-2013-5706 (Multiple cross-site scripting (XSS) vulnerabilities in Coursemill ...)
 	NOT-FOR-US: Coursemill Learning Management System
 CVE-2013-5705 (apache2/modsecurity.c in ModSecurity before 2.7.6 allows remote ...)
-	{DSA-2991-1 DLA-34-1}
+	{DSA-2991-1}
 	- modsecurity-apache 2.7.7-1
 	- libapache-mod-security <removed>
 	[squeeze] - libapache-mod-security 2.5.12-1+squeeze4
@@ -18299,7 +18291,7 @@
 	{DSA-2820-1}
 	- nspr 2:4.10.2-1
 CVE-2013-5606 (The CERT_VerifyCert function in lib/certhigh/certvfy.c in Mozilla ...)
-	{DSA-2994-1 DLA-23-1}
+	{DSA-2994-1}
 	- nss 2:3.15.3-1 (bug #735105)
 	[squeeze] - nss 3.12.8-1+squeeze8
 CVE-2013-5605 (Mozilla Network Security Services (NSS) 3.14 before 3.14.5 and 3.15 ...)
@@ -19775,11 +19767,11 @@
 	- moodle 2.5.1-1
 	[squeeze] - moodle <not-affected> (Vulnerable code not present)
 CVE-2013-4995 (Cross-site scripting (XSS) vulnerability in phpMyAdmin 3.5.x before ...)
-	{DSA-2975-1 DLA-0014-1}
+	{DSA-2975-1}
 	- phpmyadmin 4:4.0.4.2-1 (low)
 	[squeeze] - phpmyadmin 4:3.3.7-8
 CVE-2013-4996 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
-	{DSA-2975-1 DLA-0014-1}
+	{DSA-2975-1}
 	- phpmyadmin 4:4.0.4.2-1
 	[squeeze] - phpmyadmin 4:3.3.7-8
 CVE-2013-4997 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
@@ -19804,7 +19796,7 @@
 	- phpmyadmin 4:4.0.4.2-1 (low)
 	[squeeze] - phpmyadmin <not-affected> (Vulnerable code not present)
 CVE-2013-5003 (Multiple SQL injection vulnerabilities in phpMyAdmin 3.5.x before ...)
-	{DSA-2975-1 DLA-0014-1}
+	{DSA-2975-1}
 	- phpmyadmin 4:4.0.4.2-1
 	[squeeze] - phpmyadmin 4:3.3.7-8
 CVE-2013-4937 (Multiple unspecified vulnerabilities in the AiCloud feature on the ...)
@@ -21153,7 +21145,6 @@
 	[wheezy] - horizon <not-affected> (v3 API introduced in Grizzly)
 	NOTE: https://bugs.launchpad.net/horizon/+bug/1237989
 CVE-2013-4470 (The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is ...)
-	{DLA-0015-1}
 	- linux 3.11.7-1
 	- linux-2.6 <removed>
 	[squeeze] - linux-2.6 2.6.32-48squeeze8
@@ -21426,7 +21417,6 @@
 	[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
 	NOTE: http://git.videolan.org/?p=vlc.git;a=commitdiff;h=9794ec1cd268c04c8bca13a5fae15df6594dff3e
 CVE-2013-4387 (net/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not ...)
-	{DLA-0015-1}
 	- linux-2.6 <removed>
 	[squeeze] - linux-2.6 2.6.32-48squeeze8
 	- linux 3.11.5-1
@@ -21903,7 +21893,6 @@
 	RESERVED
 CVE-2013-4251 [weave /tmp and current directory issues]
 	RESERVED
-	{DLA-26-1}
 	- python-scipy 0.12.0-3 (bug #726093)
 	[wheezy] - python-scipy <no-dsa> (Minor issue)
 	[squeeze] - python-scipy 0.7.2+dfsg1-1+deb6u1
@@ -21933,7 +21922,7 @@
 	- tiff 4.0.3-3
 	- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
 CVE-2013-4243 (Heap-based buffer overflow in the readgifimage function in the ...)
-	{DSA-2965-1 DLA-0013-1}
+	{DSA-2965-1}
 	- tiff 4.0.3-9 (low; bug #742917)
 	- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
 	[squeeze] - tiff 3.9.4-5+squeeze11
@@ -21954,7 +21943,7 @@
 	NOTE: Introduced by: http://libvirt.org/git/?p=libvirt.git;a=commit;h=632180d1
 	NOTE: Fixed by: http://libvirt.org/git/?p=libvirt.git;a=commit;h=0e671a16
 CVE-2013-4238 (The ssl.match_hostname function in the SSL module in Python 2.6 ...)
-	{DSA-2880-1 DLA-25-1}
+	{DSA-2880-1}
 	- python2.5 <removed> (low)
 	[squeeze] - python2.5 <no-dsa> (Minor issue)
 	- python2.6 <removed> (low)
@@ -24382,7 +24371,6 @@
 CVE-2013-3240 (Directory traversal vulnerability in the Export feature in phpMyAdmin ...)
 	- phpmyadmin <not-affected> (Vulnerable code not present)
 CVE-2013-3239 (phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir ...)
-	{DLA-0014-1}
 	- phpmyadmin 4:3.4.11.1-2
 	[squeeze] - phpmyadmin 4:3.3.7-8
 	NOTE: Requires non-default option saveDir to be enabled, an authenticated untrusted user and Apache mod_mime
@@ -28676,7 +28664,7 @@
 	- bugzilla4 <itp> (bug #669643)
 	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=924802
 CVE-2013-1741 (Integer overflow in Mozilla Network Security Services (NSS) 3.15 ...)
-	{DSA-2994-1 DLA-23-1}
+	{DSA-2994-1}
 	- nss 2:3.15.3-1 (bug #735105)
 	[squeeze] - nss 3.12.8-1+squeeze8
 	NOTE: https://hg.mozilla.org/projects/nss/rev/612d7d1eb9e7
@@ -34162,7 +34150,6 @@
 	NOTE: http://trac.roundcube.net/ticket/1488850
 	NOTE: Upstream patch: https://github.com/roundcube/roundcubemail/commit/74cd0a9b62f11bc07c5a1d3ba0098b54883eb0ba
 CVE-2012-6120 (Red Hat OpenStack Essex and Folsom creates the /var/log/puppet ...)
-	{DLA-29-1}
 	- puppet 2.6.4-2
 	[squeeze] - puppet <no-dsa> (Minor issue)
 	NOTE: puppet-common postinst in unstable sets dpkg-statoverride --update --add puppet puppet 0750 /var/log/puppet
@@ -35944,7 +35931,6 @@
 CVE-2012-5574 (lib/form/sfForm.class.php in Symfony CMS before 1.4.20 allows remote ...)
 	NOT-FOR-US: Symfony
 CVE-2012-5573 (The connection_edge_process_relay_cell function in or/relay.c in Tor ...)
-	{DLA-17-1}
 	- tor 0.2.3.25-1 (low)
 	[squeeze] - tor 0.2.4.23-1~deb6u1
 CVE-2012-5572 (CRLF injection vulnerability in the cookie method ...)
@@ -37532,7 +37518,7 @@
 	[squeeze] - chromium-browser <end-of-life>
 	NOTE: http://www.imperialviolet.org/2012/09/21/crime.html
 CVE-2012-4929 (The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google ...)
-	{DSA-2627-1 DSA-2626-1 DSA-2579-1 DLA-0008-1}
+	{DSA-2627-1 DSA-2626-1 DSA-2579-1}
 	- iceweasel <not-affected> (Firefox ESV not use TLS/SSL compression)
 	- chromium-browser 22.0.1229.94~r161065-1
 	NOTE: Chromium fix: https://chromiumcodereview.appspot.com/10825183/
@@ -41497,7 +41483,6 @@
 	{DSA-2548-1}
 	- tor 0.2.3.20-rc-1 (low)
 CVE-2012-3517 (Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might ...)
-	{DLA-17-1}
 	- tor 0.2.3.20-rc-1 (low)
 	[squeeze] - tor 0.2.4.23-1~deb6u1
 CVE-2012-3516 (The GNTTABOP_swap_grant_ref sub-operation in the grant table hypercall ...)
@@ -41517,7 +41502,6 @@
 	[squeeze] - munin <not-affected> (vulnerable code introduced in 2.x)
 	NOTE: http://www.munin-monitoring.org/ticket/1238
 CVE-2012-3512 (Munin before 2.0.6 stores plugin state files that run as root in the ...)
-	{DLA-20-1}
 	- munin 2.0.6-1 (bug #684075)
 	[squeeze] - munin 1.4.5-3+deb6u1
 	NOTE: http://www.munin-monitoring.org/ticket/1234
@@ -44346,7 +44330,6 @@
 	NOTE: http://secunia.com/advisories/42619/
 CVE-2010-5110 [poppler: JPEG error handler]
 	RESERVED
-	{DLA-24-1}
 	- poppler 0.16.3-1 (bug #722705)
 	[squeeze] - poppler 0.12.4-1.2+squeeze4
 CVE-2010-5109 (Off-by-one error in the DecompressRTF function in ytnef.c in Yerase's ...)
@@ -44840,11 +44823,9 @@
 	{DSA-2578-1}
 	- rssh 2.3.3-6
 CVE-2012-2250 (Tor before 0.2.3.24-rc allows remote attackers to cause a denial of ...)
-	{DLA-17-1}
 	- tor 0.2.3.24-rc-1 (low)
 	[squeeze] - tor 0.2.4.23-1~deb6u1
 CVE-2012-2249 (Tor before 0.2.3.23-rc allows remote attackers to cause a denial of ...)
-	{DLA-17-1}
 	- tor 0.2.3.23-rc-1 (low)
 	[squeeze] - tor 0.2.4.23-1~deb6u1
 CVE-2012-2248 [build-influenced PATH set in dhclient]
@@ -47478,7 +47459,6 @@
 	{DSA-2431-1}
 	- libdbd-pg-perl 2.19.0-1 (bug #661536)
 CVE-2012-1150 (Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x ...)
-	{DLA-25-1}
 	- python2.5 <removed> (low)
 	- python2.6 2.6.8-0.1 (low)
 	- python2.7 2.7.3~rc1-1 (low)
@@ -48284,7 +48264,6 @@
 CVE-2012-0846 (Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar ...)
 	- webcalendar <removed>
 CVE-2012-0845 (SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, ...)
-	{DLA-25-1}
 	- python3.1 <removed> (low)
 	[squeeze] - python3.1 <no-dsa> (Minor issue)
 	- python3.2 3.2.3~rc1-1
@@ -48463,12 +48442,10 @@
 	{DSA-2408-1}
 	- php5 5.3.9-1
 CVE-2012-0787 (The clone_file function in transfer.c in Augeas before 1.0.0, when ...)
-	{DLA-28-1}
 	- augeas 1.0.0-1 (low; bug #731132)
 	[squeeze] - augeas <no-dsa> (Minor issue)
 	[wheezy] - augeas <no-dsa> (Minor issue)
 CVE-2012-0786 (The transform_save function in transform.c in Augeas before 1.0.0 ...)
-	{DLA-28-1}
 	- augeas 1.0.0-1 (low; bug #731132)
 	[squeeze] - augeas <no-dsa> (Minor issue)
 	[wheezy] - augeas <no-dsa> (Minor issue)
@@ -50166,7 +50143,6 @@
 	- policykit-1 0.103-1
 	[squeeze] - policykit-1 <not-affected> (vulnerable code introduced in 0.103)
 CVE-2011-4944 (Python 2.6 through 3.2 creates ~/.pypirc with world-readable ...)
-	{DLA-25-1}
 	- python2.7 2.7.3~rc2-2 (low; bug #650555)
 	- python2.6 2.6.8-1 (unimportant; bug #615118)
 	[squeeze] - python2.6 2.6.6-8+deb6u1
@@ -50178,7 +50154,6 @@
 CVE-2011-4941 (Unspecified vulnerability in Piwik 1.2 through 1.4 allows remote ...)
 	- piwik <itp> (bug #506933)
 CVE-2011-4940 (The list_directory function in Lib/SimpleHTTPServer.py in ...)
-	{DLA-25-1}
 	- python2.7 2.7.2-8 (unimportant)
 	- python2.6 <unfixed> (unimportant; bug #664135)
 	[squeeze] - python2.6 2.6.6-8+deb6u1
@@ -54719,7 +54694,6 @@
 	[squeeze] - empathy <no-dsa> (Minor issue)
 	[lenny] - empathy <not-affected> (only affects webkit theming, not present in Lenny)
 CVE-2011-3634 (methods/https.cc in apt before 0.8.11 accepts connections when the ...)
-	{DLA-0005-1}
 	- apt 0.8.11 (low)
 	[squeeze] - apt 0.8.10.3+squeeze2
 	NOTE: Minor issue, apt is only affected if apt-transport-https is installed
@@ -60874,7 +60848,6 @@
 	{DSA-2231-1}
 	- otrs2 2.4.10+dfsg1-1
 CVE-2011-1521 (The urllib and urllib2 modules in Python 2.x before 2.7.2 and 3.x ...)
-	{DLA-25-1}
 	- python3.1 <removed> (bug #628453)
 	[squeeze] - python3.1 <no-dsa> (Minor issue)
 	- python3.2 3.2-3
@@ -62475,7 +62448,6 @@
 	{DSA-2240-1}
 	- linux-2.6 2.6.38-1
 CVE-2011-1015 (The is_cgi method in CGIHTTPServer.py in the CGIHTTPServer module in ...)
-	{DLA-25-1}
 	- python2.6 2.6.8-1 (low; bug #614860)
 	[wheezy] - python2.6 <no-dsa> (Minor issue, fix modifies behaviour, too intrusive to backport)
 	[squeeze] - python2.6 2.6.6-8+deb6u1




More information about the Secure-testing-commits mailing list