[Secure-testing-commits] r28896 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Sep 18 11:04:59 UTC 2014
Author: jmm
Date: 2014-09-18 11:04:58 +0000 (Thu, 18 Sep 2014)
New Revision: 28896
Modified:
data/CVE/list
Log:
torrentflux no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-09-18 07:23:13 UTC (rev 28895)
+++ data/CVE/list 2014-09-18 11:04:58 UTC (rev 28896)
@@ -1999,11 +1999,17 @@
- loganalyzer 3.6.6+dfsg-1 (bug #760372)
CVE-2014-6029 (TorrentFlux 2.4 allows remote authenticated users to delete or modify ...)
- torrentflux <removed> (bug #759573)
+ [wheezy] - torrentflux <no-dsa> (Minor issue)
+ [squeeze] - torrentflux <no-dsa> (Minor issue)
CVE-2014-6028 (TorrentFlux 2.4 allows remote authenticated users to obtain other ...)
- torrentflux <removed> (bug #759573)
+ [wheezy] - torrentflux <no-dsa> (Minor issue)
+ [squeeze] - torrentflux <no-dsa> (Minor issue)
CVE-2014-6027 [XSS]
RESERVED
- torrentflux <removed> (bug #759574)
+ [wheezy] - torrentflux <no-dsa> (Minor issue)
+ [squeeze] - torrentflux <no-dsa> (Minor issue)
CVE-2014-6040 [crashes on invalid input in IBM gconv modules]
RESERVED
- glibc <unfixed>
@@ -2508,7 +2514,7 @@
CVE-2014-5272 [out of array access]
RESERVED
- ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
- - libav <not-affected>
+ - libav <not-affected> (Vulnerable code not present)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3539d6c63a16e1b2874bb037a86f317449c58770
NOTE: new ffmpeg now in experimental, CVE fixed in 7:2.4-1
NOTE: <lu_zero> Does not apply to Libav at all.
More information about the Secure-testing-commits
mailing list