[Secure-testing-commits] r32352 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Feb 19 14:46:23 UTC 2015
Author: carnil
Date: 2015-02-19 14:46:23 +0000 (Thu, 19 Feb 2015)
New Revision: 32352
Modified:
data/CVE/list
Log:
Update elasticsearch CVE information
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-02-19 14:37:21 UTC (rev 32351)
+++ data/CVE/list 2015-02-19 14:46:23 UTC (rev 32352)
@@ -1199,10 +1199,9 @@
CVE-2015-1428 (Multiple SQL injection vulnerabilities in Sefrengo before 1.6.2 allow ...)
NOT-FOR-US: Sefrengo
CVE-2015-1427 (The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x ...)
- - elasticsearch <undetermined>
+ - elasticsearch <not-affected> (Affects 1.3.0-1.3.7 and 1.4.0-1.4.2, vulnerable code not present)
NOTE: http://seclists.org/bugtraq/2015/Feb/92
NOTE: Problem in the Groovy scripting engine.
- TODO: check, possibly only 1.3.0-1.3.7 and 1.4.0-1.4.2
CVE-2015-1426
RESERVED
- facter <unfixed> (bug #778265)
More information about the Secure-testing-commits
mailing list