[Secure-testing-commits] r28839 - data/CVE

Joey Hess joeyh at moszumanska.debian.org
Tue Sep 16 21:14:11 UTC 2014


Author: joeyh
Date: 2014-09-16 21:14:11 +0000 (Tue, 16 Sep 2014)
New Revision: 28839

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-09-16 21:05:00 UTC (rev 28838)
+++ data/CVE/list	2014-09-16 21:14:11 UTC (rev 28839)
@@ -2462,7 +2462,7 @@
 	NOTE: Fix MariaDB: https://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/4261?sort=date#storage/myisam/ha_myisam.cc
 CVE-2014-5270 [side-channel attack on Elgamal encryption subkeys]
 	RESERVED
-	{DSA-3024-1}
+	{DSA-3024-1 DLA-54-1}
 	- gnupg 1.4.16-1
 	NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=cad8216f9a0b33c9dc84ecc4f385b00045e7b496
 	- libgcrypt11 1.5.4-1
@@ -6318,22 +6318,27 @@
 	RESERVED
 CVE-2014-3639
 	RESERVED
+	{DSA-3026-1}
 	- dbus 1.8.8-1
 	NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=80919
 CVE-2014-3638
 	RESERVED
+	{DSA-3026-1}
 	- dbus 1.8.8-1
 	NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=81053
 CVE-2014-3637
 	RESERVED
+	{DSA-3026-1}
 	- dbus 1.8.8-1
 	NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=80559
 CVE-2014-3636
 	RESERVED
+	{DSA-3026-1}
 	- dbus 1.8.8-1
 	NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=82820
 CVE-2014-3635
 	RESERVED
+	{DSA-3026-1}
 	- dbus 1.8.8-1
 	NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=83622
 CVE-2014-3634
@@ -10689,7 +10694,7 @@
 	- owncloud 6.0.2+dfsg-1
 	- dolibarr 3.5.3+dfsg1-1
 	- moodle <unfixed>
-        [squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
+	[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
 	NOTE: dolibarr removed phpexcel in 3.5.3+dfsg1-1 / #729538
 	NOTE: moodle also contain a copy of PHPExcel
 	NOTE: owncloud does not mention details
@@ -14610,17 +14615,21 @@
 	NOT-FOR-US: Flash plugin
 CVE-2014-0490 [incorrect apt-get download validation]
 	RESERVED
+	{DSA-3025-1}
 	- apt 0.9.12
 	NOTE: fixed with commit http://anonscm.debian.org/cgit/apt/apt.git/commit/?id=d57f6084aaa3972073114973d149ea2291b36682
 	[squeeze] - apt <not-affected> (apt download command and vulnerable code not present)
 CVE-2014-0489 [incorrect verification of Acquire::Gzip indexes]
 	RESERVED
+	{DSA-3025-1 DLA-53-1}
 	- apt 1.0.9
 CVE-2014-0488 [incorrect invalidating of unauthenticated data]
 	RESERVED
+	{DSA-3025-1 DLA-53-1}
 	- apt 1.0.9
 CVE-2014-0487 [incorrect verification of 304 reply]
 	RESERVED
+	{DSA-3025-1 DLA-53-1}
 	- apt 1.0.9
 CVE-2014-0486 [remote crash with crafted DNS message]
 	RESERVED




More information about the Secure-testing-commits mailing list