[Secure-testing-commits] r32294 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Feb 17 21:42:10 UTC 2015
Author: carnil
Date: 2015-02-17 21:42:10 +0000 (Tue, 17 Feb 2015)
New Revision: 32294
Modified:
data/CVE/list
Log:
Add new linux issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-02-17 21:35:03 UTC (rev 32293)
+++ data/CVE/list 2015-02-17 21:42:10 UTC (rev 32294)
@@ -1,6 +1,11 @@
CVE-2015-XXXX [Vulnerabilities in nanohttp]
- libcsoap <unfixed> (bug #778599)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/17/2
+CVE-2014-XXXX [ecryptfs 1-byte overwrite]
+ - linux <unfixed>
+ - linux-2.6 <removed>
+ NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=942080643bce061c3dd9d5718d3b745dcb39a8bc (v3.19-rc1)
+ TODO: check which versions affected
CVE-2013-XXXX [session hijack through insecurely set session token cookies]
- novnc <unfixed> (bug #778618)
NOTE: https://github.com/kanaka/noVNC/commit/ad941faddead705cd611921730054767a0b32dcd
More information about the Secure-testing-commits
mailing list