[Secure-testing-commits] r38366 - data/CVE
Raphaël Hertzog
hertzog at moszumanska.debian.org
Wed Dec 16 21:16:37 UTC 2015
Author: hertzog
Date: 2015-12-16 21:16:36 +0000 (Wed, 16 Dec 2015)
New Revision: 38366
Modified:
data/CVE/list
Log:
Triage CVE-2015-0861, does not affect squeeze/wheezy
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-12-16 21:10:19 UTC (rev 38365)
+++ data/CVE/list 2015-12-16 21:16:36 UTC (rev 38366)
@@ -24266,9 +24266,12 @@
[jessie] - rabbitmq-server <no-dsa> (Minor issue)
[wheezy] - rabbitmq-server <no-dsa> (Minor issue)
[squeeze] - rabbitmq-server <not-affected> (Management web UI not available in version 1.8.1)
-CVE-2015-0861
+CVE-2015-0861 [missing access permission checks for fields when multiple records are written]
RESERVED
- tryton-server 3.8.1-1
+ [wheezy] - tryton-server <not-affected> (Version < 3.2)
+ [squeeze] - tryton-server <not-affected> (Version < 3.2)
+ NOTE: Mathias Behrle told us that affected versions are >= 3.2 and < 3.8.1
CVE-2015-0860 (Off-by-one error in the extracthalf function in dpkg-deb/extract.c in ...)
{DSA-3407-1}
- dpkg <unfixed>
More information about the Secure-testing-commits
mailing list