[Secure-testing-commits] r28879 - data/CVE

Wed Sep 17 21:14:24 UTC 2014

Author: joeyh
Date: 2014-09-17 21:14:23 +0000 (Wed, 17 Sep 2014)
New Revision: 28879

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2014-09-17 20:26:59 UTC (rev 28878)
+++ data/CVE/list	2014-09-17 21:14:23 UTC (rev 28879)
@@ -2498,14 +2498,14 @@
 	{DSA-2999-1}
 	- drupal7 7.31-1
 CVE-2014-5266 (The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 ...)
-	{DSA-3001-1 DSA-2999-1}
+	{DSA-3001-1 DSA-2999-1 DLA-56-1}
 	- wordpress 3.9.2+dfsg-1 (bug #757312)
 	NOTE: https://core.trac.wordpress.org/changeset/29405/branches/3.9
 	- drupal7 7.31-1
 	- drupal6 <removed>
 	NOTE: https://www.drupal.org/SA-CORE-2014-004
 CVE-2014-5265 (The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 ...)
-	{DSA-3001-1 DSA-2999-1}
+	{DSA-3001-1 DSA-2999-1 DLA-56-1}
 	- wordpress 3.9.2+dfsg-1 (bug #757312)
 	NOTE: https://core.trac.wordpress.org/changeset/29405/branches/3.9
 	- drupal7 7.31-1
@@ -2726,15 +2726,15 @@
 	[squeeze] - ganeti <not-affected> (Vulnerable code not present)
 	NOTE: http://www.ocert.org/advisories/ocert-2014-006.html
 CVE-2014-5240 (Cross-site scripting (XSS) vulnerability in wp-includes/pluggable.php ...)
-	{DSA-3001-1}
+	{DSA-3001-1 DLA-56-1}
 	- wordpress 3.9.2+dfsg-1 (bug #757312)
 	NOTE: https://core.trac.wordpress.org/changeset/29398
 CVE-2014-5205 (wp-includes/pluggable.php in WordPress before 3.9.2 does not use ...)
-	{DSA-3001-1}
+	{DSA-3001-1 DLA-56-1}
 	- wordpress 3.9.2+dfsg-1 (bug #757312)
 	NOTE: https://core.trac.wordpress.org/changeset/29408
 CVE-2014-5204 (wp-includes/pluggable.php in WordPress before 3.9.2 rejects invalid ...)
-	{DSA-3001-1}
+	{DSA-3001-1 DLA-56-1}
 	- wordpress 3.9.2+dfsg-1 (bug #757312)
 	NOTE: https://core.trac.wordpress.org/changeset/29384
 CVE-2014-5203 (wp-includes/class-wp-customize-widgets.php in the widget ...)
@@ -10735,7 +10735,7 @@
 	NOTE: http://owncloud.org/about/security/advisories/oC-SA-2014-006/
 	NOTE: https://github.com/PHPOffice/PHPExcel/blob/develop/changelog.txt
 CVE-2014-2053 (getID3() before 1.9.8, as used in ownCloud Server before 5.0.15 and ...)
-	{DSA-3001-1}
+	{DSA-3001-1 DLA-56-1}
 	- owncloud 6.0.2+dfsg-1
 	- php-getid3 1.9.7-2
 	[wheezy] - php-getid3 1.9.3-1+deb7u1
@@ -12145,7 +12145,7 @@
 CVE-2014-1568
 	RESERVED
 CVE-2014-1567 (Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla ...)
-	{DSA-3018-1}
+	{DSA-3028-1 DSA-3018-1}
 	- iceweasel 31.1.0esr-1
 	- icedove <unfixed>
 	[squeeze] - iceweasel <end-of-life>
@@ -12174,7 +12174,7 @@
 	[squeeze] - icedove <end-of-life>
 	[wheezy] - icedove <not-affected> (Only affects releases after ESR24)
 CVE-2014-1562 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
-	{DSA-3018-1}
+	{DSA-3028-1 DSA-3018-1}
 	- iceweasel 31.1.0esr-1
 	- icedove <unfixed>
 	[squeeze] - iceweasel <end-of-life>
@@ -15673,6 +15673,7 @@
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/cdd5df8189ff1537f7abe8defe971f80602cc2d2
 	NOTE: https://trac.ffmpeg.org/ticket/2905
 CVE-2013-7020 (The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 ...)
+	{DSA-3027-1}
 	- ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
 	- libav 6:10.4-1
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/b05cd1ea7e45a836f7f6071a716c38bb30326e0f
@@ -16582,7 +16583,7 @@
 CVE-2014-0115
 	RESERVED
 CVE-2014-0114 (Apache Commons BeanUtils, as distributed in ...)
-	{DSA-2940-1}
+	{DSA-2940-1 DLA-57-1}
 	- libstruts1.2-java 1.2.9-9 (bug #745897)
 	NOTE: http://mail-archives.apache.org/mod_mbox/struts-announcements/201404.mbox/%3C535F5F52.4040108%40apache.org%3E
 	- commons-beanutils 1.9.2-1


