[Secure-testing-commits] r28839 - data/CVE
Joey Hess
joeyh at moszumanska.debian.org
Tue Sep 16 21:14:11 UTC 2014
Author: joeyh
Date: 2014-09-16 21:14:11 +0000 (Tue, 16 Sep 2014)
New Revision: 28839
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-09-16 21:05:00 UTC (rev 28838)
+++ data/CVE/list 2014-09-16 21:14:11 UTC (rev 28839)
@@ -2462,7 +2462,7 @@
NOTE: Fix MariaDB: https://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/4261?sort=date#storage/myisam/ha_myisam.cc
CVE-2014-5270 [side-channel attack on Elgamal encryption subkeys]
RESERVED
- {DSA-3024-1}
+ {DSA-3024-1 DLA-54-1}
- gnupg 1.4.16-1
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=cad8216f9a0b33c9dc84ecc4f385b00045e7b496
- libgcrypt11 1.5.4-1
@@ -6318,22 +6318,27 @@
RESERVED
CVE-2014-3639
RESERVED
+ {DSA-3026-1}
- dbus 1.8.8-1
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=80919
CVE-2014-3638
RESERVED
+ {DSA-3026-1}
- dbus 1.8.8-1
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=81053
CVE-2014-3637
RESERVED
+ {DSA-3026-1}
- dbus 1.8.8-1
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=80559
CVE-2014-3636
RESERVED
+ {DSA-3026-1}
- dbus 1.8.8-1
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=82820
CVE-2014-3635
RESERVED
+ {DSA-3026-1}
- dbus 1.8.8-1
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=83622
CVE-2014-3634
@@ -10689,7 +10694,7 @@
- owncloud 6.0.2+dfsg-1
- dolibarr 3.5.3+dfsg1-1
- moodle <unfixed>
- [squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
+ [squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
NOTE: dolibarr removed phpexcel in 3.5.3+dfsg1-1 / #729538
NOTE: moodle also contain a copy of PHPExcel
NOTE: owncloud does not mention details
@@ -14610,17 +14615,21 @@
NOT-FOR-US: Flash plugin
CVE-2014-0490 [incorrect apt-get download validation]
RESERVED
+ {DSA-3025-1}
- apt 0.9.12
NOTE: fixed with commit http://anonscm.debian.org/cgit/apt/apt.git/commit/?id=d57f6084aaa3972073114973d149ea2291b36682
[squeeze] - apt <not-affected> (apt download command and vulnerable code not present)
CVE-2014-0489 [incorrect verification of Acquire::Gzip indexes]
RESERVED
+ {DSA-3025-1 DLA-53-1}
- apt 1.0.9
CVE-2014-0488 [incorrect invalidating of unauthenticated data]
RESERVED
+ {DSA-3025-1 DLA-53-1}
- apt 1.0.9
CVE-2014-0487 [incorrect verification of 304 reply]
RESERVED
+ {DSA-3025-1 DLA-53-1}
- apt 1.0.9
CVE-2014-0486 [remote crash with crafted DNS message]
RESERVED
More information about the Secure-testing-commits
mailing list