[Secure-testing-commits] r28632 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Sep 7 20:54:22 UTC 2014
Author: carnil
Date: 2014-09-07 20:54:22 +0000 (Sun, 07 Sep 2014)
New Revision: 28632
Modified:
data/CVE/list
Log:
Add fixed version for two puppet CVEs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-09-07 18:11:55 UTC (rev 28631)
+++ data/CVE/list 2014-09-07 20:54:22 UTC (rev 28632)
@@ -7047,7 +7047,7 @@
NOTE: http://puppetlabs.com/security/cve/cve-2014-3251
CVE-2014-3250
RESERVED
- - puppet <unfixed> (low)
+ - puppet 3.7.0-1 (low)
[squeeze] - puppet <not-affected> (Only exploitable in combination with Apache 2.4)
[wheezy] - puppet <not-affected> (Only exploitable in combination with Apache 2.4)
NOTE: http://puppetlabs.com/security/cve/CVE-2014-3250
@@ -7056,7 +7056,7 @@
NOTE: http://puppetlabs.com/security/cve/cve-2014-3249
CVE-2014-3248
RESERVED
- - puppet <unfixed> (low)
+ - puppet 3.7.0-1 (low)
[wheezy] - puppet <no-dsa> (Minor issue)
[squeeze] - puppet <no-dsa> (Minor issue)
- hiera 1.3.4-1 (low)
More information about the Secure-testing-commits
mailing list