[Secure-testing-commits] r32172 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Feb 12 06:17:49 UTC 2015
Author: jmm
Date: 2015-02-12 06:17:49 +0000 (Thu, 12 Feb 2015)
New Revision: 32172
Modified:
data/CVE/list
Log:
new wss4j issues
NFUs (concludes external check)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-02-12 05:37:37 UTC (rev 32171)
+++ data/CVE/list 2015-02-12 06:17:49 UTC (rev 32172)
@@ -5700,8 +5700,10 @@
RESERVED
CVE-2015-0227
RESERVED
+ - wss4j <unfixed>
CVE-2015-0226
RESERVED
+ - wss4j <unfixed>
CVE-2015-0225
RESERVED
CVE-2015-0224 [qpidd can be crashed by unauthenticated user]
@@ -8519,6 +8521,7 @@
NOTE: up to 2014.1.3 and 2014.2 version up to 2014.2.1
CVE-2014-8122
RESERVED
+ NOT-FOR-US: JBoss Weld
CVE-2014-8121
RESERVED
CVE-2014-8120 (The agent in Thermostat before 1.0.6, when using unspecified ...)
@@ -9268,6 +9271,7 @@
RESERVED
CVE-2014-7853
RESERVED
+ NOT-FOR-US: JBoss AS/WildFly Domain Management
CVE-2014-7852 (Cross-site scripting (XSS) vulnerability in JBoss RichFaces, as used ...)
NOT-FOR-US: RichFaces
CVE-2014-7851
@@ -9278,6 +9282,7 @@
TODO: check (possibly unimportant severity if we don't include WebUI part and only have vulnerable code)
CVE-2014-7849
RESERVED
+ NOT-FOR-US: JBoss AS/WildFly Domain Management
CVE-2014-7848 (lib/phpunit/bootstrap.php in Moodle 2.6.x before 2.6.6 and 2.7.x ...)
- moodle 2.7.5+dfsg-1 (bug #775842)
[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
@@ -9376,6 +9381,7 @@
NOTE: https://fedorahosted.org/freeipa/ticket/4690
CVE-2014-7827
RESERVED
+ NOT-FOR-US: JBoss Security
CVE-2014-7826 (kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does ...)
- linux 3.16.7-ckt2-1
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
More information about the Secure-testing-commits
mailing list