[Secure-testing-commits] r28944 - data/CVE
Henri Salo
fgeek-guest at moszumanska.debian.org
Mon Sep 22 06:17:29 UTC 2014
Author: fgeek-guest
Date: 2014-09-22 06:17:29 +0000 (Mon, 22 Sep 2014)
New Revision: 28944
Modified:
data/CVE/list
Log:
CVE-2014-7143/twisted
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-09-22 04:32:47 UTC (rev 28943)
+++ data/CVE/list 2014-09-22 06:17:29 UTC (rev 28944)
@@ -1,6 +1,10 @@
CVE-2014-XXXX [Remote crash based on malformed SIP subscription]
- asterisk <not-affected> (only affects 12.x series)
NOTE: http://downloads.asterisk.org/pub/security/AST-2014-009.html
+CVE-2014-7143 [twisted: trustRoot not respected in HTTP client]
+ - twisted <unfixed> (bug #761983)
+ [wheezy] - twisted <not-affected> (Only affects 14.0 series)
+ [squeeze] - twisted <not-affected> (Only affects 14.0 series)
CVE-2014-6610 [Remote crash when handling out of call message in certain dialplan configurations]
- asterisk <unfixed> (bug #762164)
NOTE: http://downloads.asterisk.org/pub/security/AST-2014-010.html
@@ -407,10 +411,6 @@
RESERVED
CVE-2012-6658 (Multiple cross-site scripting (XSS) vulnerabilities in SpiceWorks ...)
TODO: check
-CVE-2014-XXXX [twisted: trustRoot not respected in HTTP client]
- - twisted <unfixed> (bug #761983)
- [wheezy] - twisted <not-affected> (Only affects 14.0 series)
- [squeeze] - twisted <not-affected> (Only affects 14.0 series)
CVE-2014-XXXX [null ptr deref in SMB2_tcon]
- linux <unfixed>
[wheezy] - linux <not-affected> (Introduced in 3.7)
More information about the Secure-testing-commits
mailing list