[Secure-testing-commits] r32097 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Feb 9 06:58:20 UTC 2015
Author: jmm
Date: 2015-02-09 06:58:20 +0000 (Mon, 09 Feb 2015)
New Revision: 32097
Modified:
data/CVE/list
Log:
RH NFUs
track openjdk issues which is fixed in Debian for while, but was only
recently disclosed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-02-09 06:48:46 UTC (rev 32096)
+++ data/CVE/list 2015-02-09 06:58:20 UTC (rev 32097)
@@ -35786,6 +35786,8 @@
NOTE: http://www.mathyvanhoef.com/2013/11/unmasking-spoofed-mac-address.html
CVE-2013-4578
RESERVED
+ - openjdk-7 7u51-2.4.4-1
+ - openjdk-6 6b30-1.13.1-1
CVE-2013-4577 (A certain Debian patch for GNU GRUB uses world-readable permissions ...)
- grub2 2.00-20 (unimportant; bug #632598)
NOTE: Additional hardening for rare setups, not a vulnerability
@@ -36566,6 +36568,7 @@
NOTE: Xen after Wheezy uses qemu-system-x86 from qemu, marking 4.2 as pseudo fixed
CVE-2013-4374
RESERVED
+ NOT-FOR-US: RHQ MondoDB Drift Server
CVE-2013-4373 (The storeFiles method in JPADriftServerBean in Red Hat JBoss ...)
NOT-FOR-US: Red Hat JBoss Operations Network
CVE-2013-4372 (Multiple cross-site scripting (XSS) vulnerabilities in Fuse Management ...)
@@ -51001,6 +51004,7 @@
NOTE: https://mariadb.atlassian.net/browse/MDEV-3915
CVE-2012-5626
RESERVED
+ - jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
CVE-2012-5625 (OpenStack Compute (Nova) Folsom before 2012.2.2 and Grizzly, when ...)
- nova <not-affected> (Only affects OpenStack Folsom, bug #695830)
CVE-2012-5624 (The XMLHttpRequest object in Qt before 4.8.4 enables http redirection ...)
More information about the Secure-testing-commits
mailing list