[Secure-testing-commits] r31953 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Wed Feb 4 06:49:11 UTC 2015


Author: jmm
Date: 2015-02-04 06:49:11 +0000 (Wed, 04 Feb 2015)
New Revision: 31953

Modified:
   data/CVE/list
Log:
jython no-dsa
ipv4 issue only in jessie and above


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-02-04 06:38:42 UTC (rev 31952)
+++ data/CVE/list	2015-02-04 06:49:11 UTC (rev 31953)
@@ -11,9 +11,10 @@
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2014/12/24/1
 CVE-2015-1465 [net: DoS due to routing packets to too many different dsts/too fast]
 	- linux <unfixed>
-	- linux-2.6 <removed>
+	[wheezy] - linux <not-affected> (Introduced in 3.16)
+	- linux-2.6 <not-affected> (Introduced in 3.16)
 	NOTE: Upstream patch: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=df4d92549f23e1c037e83323aff58a21b3de7fe0 (v3.19-rc7)
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/02/2
+	NOTE: http://www.openwall.com/lists/oss-security/2015/02/02/2
 CVE-2015-1473 [ risk-management error]
 	- glibc <unfixed>
 	- eglibc <removed>
@@ -42542,8 +42543,9 @@
 	- nginx <not-affected> (Vulnerable code not present)
 CVE-2013-2027 [creates executables class files with wrong permissions]
 	RESERVED
-	- jython <unfixed>
-	TODO: check
+	- jython <unfixed> (low)
+	[wheezy] - jython <no-dsa> (Minor issue)
+	[squeeze] - jython <no-dsa> (Minor issue)
 CVE-2013-2026
 	REJECTED
 CVE-2013-2025 (Cross-site scripting (XSS) vulnerability in Ushahidi Platform 2.5.x ...)




More information about the Secure-testing-commits mailing list