[Secure-testing-commits] r32045 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Feb 7 06:15:44 UTC 2015
Author: carnil
Date: 2015-02-07 06:15:44 +0000 (Sat, 07 Feb 2015)
New Revision: 32045
Modified:
data/CVE/list
Log:
Add CVE-2014-3539/rope
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-02-07 06:14:05 UTC (rev 32044)
+++ data/CVE/list 2015-02-07 06:15:44 UTC (rev 32045)
@@ -19347,8 +19347,11 @@
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45616
CVE-2014-3540
REJECTED
-CVE-2014-3539
+CVE-2014-3539 [pickle.load of remotely supplied data with no authentication required]
RESERVED
+ - rope <unfixed>
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1116485
+ TODO: check
CVE-2014-3538 (file before 5.19 does not properly restrict the amount of data read ...)
{DSA-3021-1 DSA-3008-1 DLA-67-1 DLA-50-1}
- file 1:5.19-1
More information about the Secure-testing-commits
mailing list