[Secure-testing-commits] r33473 - data/CVE

David Prévot taffit at moszumanska.debian.org
Thu Apr 9 21:34:28 UTC 2015


Author: taffit
Date: 2015-04-09 21:34:28 +0000 (Thu, 09 Apr 2015)
New Revision: 33473

Modified:
   data/CVE/list
Log:
CVE-2015-301{1,2,3}/owncloud assigned

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-04-09 20:41:27 UTC (rev 33472)
+++ data/CVE/list	2015-04-09 21:34:28 UTC (rev 33473)
@@ -383,12 +383,22 @@
 	- caja <unfixed> (bug #781608)
 	NOTE: https://github.com/mate-desktop/caja/issues/398
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/04/03/12
-CVE-2015-XXXX [OC-SA-2015-004]
+CVE-2015-3013 [Bypass of file blacklist]
 	- owncloud 7.0.4+dfsg-3
-CVE-2015-XXXX [OC-SA-2015-002]
+	NOTE: in experimental fixed in 7.0.5+dfsg-1
+	NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-004
+CVE-2015-3012 [Multiple stored XSS in "documents" application]
 	- owncloud 7.0.4+dfsg-3
-CVE-2015-XXXX [OC-SA-2015-001]
+	- owncloud-documents <itp> (bug #779358)
+	NOTE: owncloud in experimental fixed in 7.0.5+dfsg-1
+	NOTE: owncloud-documents fixed in 0.9.0+8.0.0+dfsg-1
+	NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-002
+CVE-2015-3011 [Multiple stored XSS in "contacts" application]
 	- owncloud 7.0.4+dfsg-3
+	- ownclound-contacts <itp> (bug #779055)
+	NOTE: owncloud in experimental fixed in 7.0.5+dfsg-1
+	NOTE: owncloud-contacts fixed in 0.3.0.18+8.0.0+dfsg-1
+	NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-001
 CVE-2015-XXXX [Regular Expression Denial of Service]
 	- node-semver <unfixed> (unimportant)
 	NOTE: https://nodesecurity.io/advisories/semver_redos




More information about the Secure-testing-commits mailing list