[Secure-testing-commits] r32444 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Feb 23 21:49:32 UTC 2015
Author: carnil
Date: 2015-02-23 21:49:32 +0000 (Mon, 23 Feb 2015)
New Revision: 32444
Modified:
data/CVE/list
Log:
Two CVEs were assigned, one for jabberd and one for libidn, both need to be checked
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-02-23 21:10:18 UTC (rev 32443)
+++ data/CVE/list 2015-02-23 21:49:32 UTC (rev 32444)
@@ -1403,11 +1403,16 @@
NOTE: Issue needs also to be fixed in jessie, prepared debdiff in
NOTE: #772707, but needs as well resolution for #776137 and then
NOTE: ask update though t-p-u for both issues.
-CVE-2014-XXXX [Stringprep calls leak random memory]
+CVE-2015-2058
- jabberd2 <unfixed>
NOTE: https://github.com/jabberd2/jabberd2/issues/85
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/09/13
+ NOTE: http://www.openwall.com/lists/oss-security/2015/02/09/13
TODO: check
+CVE-2015-2059
+ - libidn <unfixed>
+ NOTE: https://github.com/jabberd2/jabberd2/issues/85
+ NOTE: http://www.openwall.com/lists/oss-security/2015/02/09/13
+ TODO: check
CVE-2015-1545 (The deref_parseCtrl function in servers/slapd/overlays/deref.c in ...)
- openldap 2.4.40-4 (bug #776988)
[wheezy] - openldap <no-dsa> (Minor issue)
More information about the Secure-testing-commits
mailing list