[Secure-testing-commits] r36209 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Thu Aug 20 09:05:38 UTC 2015 

Author: jmm
Date: 2015-08-20 09:05:38 +0000 (Thu, 20 Aug 2015)
New Revision: 36209

Modified:
   data/CVE/list
Log:
xbmc is now a transitional package


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-08-20 06:26:36 UTC (rev 36208)
+++ data/CVE/list	2015-08-20 09:05:38 UTC (rev 36209)
@@ -7104,7 +7104,7 @@
 	- rawstudio <removed>
 	[wheezy] - rawstudio <no-dsa> (Minor issue)
 	[squeeze] - rawstudio <no-dsa> (Minor issue)
-	- xbmc <unfixed> (bug #786688)
+	- xbmc 2:13.2+dfsg1-5 (bug #786688)
 	[jessie] - xbmc <no-dsa> (Minor issue)
 	[wheezy] - xbmc <no-dsa> (Minor issue)
 	- kodi <unfixed> (bug #792299)
@@ -7121,6 +7121,7 @@
 	[wheezy] - darktable <no-dsa> (Minor issue)
 	NOTE: http://www.ocert.org/advisories/ocert-2015-006.html
 	NOTE: https://codesearch.debian.net/results/int%20CLASS%20ljpeg_start
+	NOTE: Starting with 2:13.2+dfsg1-5 xbmc is a transitional package
 CVE-2015-3880 [open redirect]
 	RESERVED
 	- phpbb3 3.0.14-1
@@ -15591,7 +15592,8 @@
 	[squeeze] - typo3-src <end-of-life> (Unsupported in squeeze-lts)
 	NOTE: https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-002/
 CVE-2014-XXXX [Kodi Cross-Site Request Forgery]
-	- xbmc <unfixed> (low)
+	NOTE: Starting with 2:13.2+dfsg1-5 xbmc is a transitional package
+	- xbmc 2:13.2+dfsg1-5 (low)
 	[jessie] - xbmc <no-dsa> (Minor issue)
 	[wheezy] - xbmc <no-dsa> (Minor issue)
 	- kodi <undetermined>
@@ -34400,7 +34402,8 @@
 CVE-2013-7376 (Multiple cross-site request forgery (CSRF) vulnerabilities in OpenX ...)
 	NOT-FOR-US: OpenX
 CVE-2014-3800 (XBMC 13.0 uses world-readable permissions for ...)
-	- xbmc <unfixed> (low; bug #747428)
+	NOTE: Starting with 2:13.2+dfsg1-5 xbmc is a transitional package
+	- xbmc 2:13.2+dfsg1-5 (low; bug #747428)
 	[jessie] - xbmc <no-dsa> (Minor issue)
 	[wheezy] - xbmc <no-dsa> (Minor issue)
 	NOTE: http://trac.xbmc.org/ticket/15198
@@ -59772,10 +59775,11 @@
 	- ufraw 0.19.2-2 (bug #721234)
 	[wheezy] - ufraw <no-dsa> (end-user app)
 	[squeeze] - ufraw <no-dsa> (end-user app)
-	- xbmc <unfixed> (unimportant; bug #721235)
+	- xbmc 2:13.2+dfsg1-5 (unimportant; bug #721235)
 	- exactimage 0.8.9-1 (bug #721236)
 	- rawstudio <removed> (unimportant; bug #721237)
 	- rawtherapee <not-affected> (unimportant; bug #721238)
+	NOTE: Starting with 2:13.2+dfsg1-5 xbmc is a transitional package
 CVE-2013-1437 [Code execution when gathering version metadata]
 	RESERVED
 	- perl 5.18.1-2

More information about the Secure-testing-commits mailing list