[Secure-testing-commits] r31898 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Feb 2 07:47:38 UTC 2015
Author: jmm
Date: 2015-02-02 07:47:38 +0000 (Mon, 02 Feb 2015)
New Revision: 31898
Modified:
data/CVE/list
Log:
qpid bug
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-02-02 07:47:03 UTC (rev 31897)
+++ data/CVE/list 2015-02-02 07:47:38 UTC (rev 31898)
@@ -161,6 +161,7 @@
- asterisk <unfixed>
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24676
NOTE: http://downloads.digium.com/pub/security/AST-2015-002.html
+ NOTE: Since we have a fixed curl package, we don't need this. I've pinged upstream for confirmation
CVE-2015-XXXX [AST-2015-001: File descriptor leak when incompatible codecs are offered]
- asterisk <unfixed>
[jessie] - asterisk <not-affected> (Only affects 12.x and 13.x)
@@ -5067,11 +5068,11 @@
RESERVED
CVE-2015-0224 [qpidd can be crashed by unauthenticated user]
RESERVED
- - qpid-cpp <unfixed>
+ - qpid-cpp <unfixed> (bug #772794)
[wheezy] - qpid-cpp <no-dsa> (Minor issue)
CVE-2015-0223 [anonymous access to qpidd cannot be prevented]
RESERVED
- - qpid-cpp <unfixed>
+ - qpid-cpp <unfixed> (bug #772794)
[wheezy] - qpid-cpp <no-dsa> (Minor issue)
CVE-2015-0222 (ModelMultipleChoiceField in Django 1.6.x before 1.6.10 and 1.7.x ...)
- python-django 1.7.1-1.1 (bug #775375)
More information about the Secure-testing-commits
mailing list