[Secure-testing-commits] r28944 - data/CVE

Henri Salo fgeek-guest at moszumanska.debian.org
Mon Sep 22 06:17:29 UTC 2014


Author: fgeek-guest
Date: 2014-09-22 06:17:29 +0000 (Mon, 22 Sep 2014)
New Revision: 28944

Modified:
   data/CVE/list
Log:
CVE-2014-7143/twisted

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-09-22 04:32:47 UTC (rev 28943)
+++ data/CVE/list	2014-09-22 06:17:29 UTC (rev 28944)
@@ -1,6 +1,10 @@
 CVE-2014-XXXX [Remote crash based on malformed SIP subscription]
 	- asterisk <not-affected> (only affects 12.x series)
 	NOTE: http://downloads.asterisk.org/pub/security/AST-2014-009.html
+CVE-2014-7143 [twisted: trustRoot not respected in HTTP client]
+	- twisted <unfixed> (bug #761983)
+	[wheezy] - twisted <not-affected> (Only affects 14.0 series)
+	[squeeze] - twisted <not-affected> (Only affects 14.0 series)
 CVE-2014-6610 [Remote crash when handling out of call message in certain dialplan configurations]
 	- asterisk <unfixed> (bug #762164)
 	NOTE: http://downloads.asterisk.org/pub/security/AST-2014-010.html
@@ -407,10 +411,6 @@
 	RESERVED
 CVE-2012-6658 (Multiple cross-site scripting (XSS) vulnerabilities in SpiceWorks ...)
 	TODO: check
-CVE-2014-XXXX [twisted: trustRoot not respected in HTTP client]
-	- twisted <unfixed> (bug #761983)
-	[wheezy] - twisted <not-affected> (Only affects 14.0 series)
-	[squeeze] - twisted <not-affected> (Only affects 14.0 series)
 CVE-2014-XXXX [null ptr deref in SMB2_tcon]
 	- linux <unfixed>
 	[wheezy] - linux <not-affected> (Introduced in 3.7)




More information about the Secure-testing-commits mailing list