[Secure-testing-commits] r36123 - in data: CVE DSA
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Aug 18 06:11:01 UTC 2015
Author: carnil
Date: 2015-08-18 06:11:01 +0000 (Tue, 18 Aug 2015)
New Revision: 36123
Modified:
data/CVE/list
data/DSA/list
Log:
CVE assigned for second request-tracker4 issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-08-17 21:10:13 UTC (rev 36122)
+++ data/CVE/list 2015-08-18 06:11:01 UTC (rev 36123)
@@ -603,12 +603,12 @@
RESERVED
CVE-2015-5965 (The SSL-VPN feature in Fortinet FortiOS before 4.3.13 only checks the ...)
NOT-FOR-US: Fortinet FortiOS
-CVE-2015-XXXX [crypt XSS]
+CVE-2015-6506 [crypt XSS]
- request-tracker4 4.2.11-2
[jessie] - request-tracker4 4.2.8-3+deb8u1
[wheezy] - request-tracker4 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/bestpractical/rt/commit/36a461947b00b105336adb4997d1c7767d8484c4
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/08/13/8
+ NOTE: http://www.openwall.com/lists/oss-security/2015/08/13/8
CVE-2015-XXXX [Incorrectly set TTYs to be world-writable]
- openssh <not-affected> (Vulnerable code introduce in V_6_8_P1)
NOTE: https://anongit.mindrot.org/openssh.git/commit/?id=6f941396b6835ad18018845f515b0c4fe20be21a
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2015-08-17 21:10:13 UTC (rev 36122)
+++ data/DSA/list 2015-08-18 06:11:01 UTC (rev 36123)
@@ -3,7 +3,7 @@
[wheezy] - nss 2:3.14.5-1+deb7u5
[jessie] - nss 2:3.17.2-1.1+deb8u1
[13 Aug 2015] DSA-3335-1 request-tracker4 - security update
- {CVE-2015-5475}
+ {CVE-2015-5475 CVE-2015-6506}
[wheezy] - request-tracker4 4.0.7-5+deb7u4
[jessie] - request-tracker4 4.2.8-3+deb8u1
[12 Aug 2015] DSA-3334-1 gnutls28 - security update
More information about the Secure-testing-commits
mailing list