[Secure-testing-commits] r36211 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Aug 20 09:27:06 UTC 2015
Author: jmm
Date: 2015-08-20 09:27:06 +0000 (Thu, 20 Aug 2015)
New Revision: 36211
Modified:
data/CVE/list
Log:
bugs for sogo and pykerberos
remove older non-issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-08-20 09:10:12 UTC (rev 36210)
+++ data/CVE/list 2015-08-20 09:27:06 UTC (rev 36211)
@@ -2760,14 +2760,9 @@
NOTE: http://w1.fi/security/2015-5/
CVE-2015-5395 [CSRF]
RESERVED
- - sogo <unfixed>
+ - sogo <unfixed> (bug #796197)
NOTE: http://www.openwall.com/lists/oss-security/2015/07/07/10
NOTE: http://www.sogo.nu/bugs/view.php?id=3246
- TODO: check
-CVE-2015-XXXX [denial of service]
- - sogo <unfixed>
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/07/07/9
- TODO: check
CVE-2015-5470 [denial of service - incomplete fix for CVE-2015-1868]
RESERVED
{DSA-3307-1 DSA-3306-1}
@@ -8574,7 +8569,7 @@
CVE-2015-3206 [checkPassword() does not verify KDC authenticity]
RESERVED
{DLA-265-1}
- - pykerberos <unfixed>
+ - pykerberos <unfixed> (bug #796195)
NOTE: CVE originally assigned for python-kerberos, pykerberos is a fork of the
NOTE: former.
NOTE: KDC verification support in pykerberos added in https://github.com/02strich/pykerberos/commit/02d13860b25fab58e739f0e000bed0067b7c6f9c
@@ -111104,10 +111099,6 @@
NOT-FOR-US: module for Drupal
CVE-2009-3778 (SQL injection vulnerability in Moodle Course List 6.x before 6.x-1.2, ...)
NOT-FOR-US: module for Drupal
-CVE-2009-XXXX [NULL dereferences, similar to Adobe's CVE-2009-0658]
- - ghostscript <unfixed> (unimportant)
- - gs-gpl <removed> (unimportant)
- - xpdf <unfixed> (unimportant)
CVE-2009-5045 [multiple vulnerabilities in jetty]
RESERVED
- jetty 6.1.22-1 (unimportant; bug #553644)
More information about the Secure-testing-commits
mailing list