[Secure-testing-commits] r31133 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Mon Jan 5 07:18:31 UTC 2015


Author: jmm
Date: 2015-01-05 07:18:31 +0000 (Mon, 05 Jan 2015)
New Revision: 31133

Modified:
   data/CVE/list
Log:
new quvi issue
openssl no-dsa
php5 n/a


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-01-05 06:18:08 UTC (rev 31132)
+++ data/CVE/list	2015-01-05 07:18:31 UTC (rev 31133)
@@ -1,3 +1,9 @@
+CVE-2014-XXXX [insecure LUA default load path]
+	- libquvi 0.4.1-3 (low; bug #774555)
+	[wheezy] - libquvi <no-dsa> (Minor issue)
+	[squeeze] - libquvi <no-dsa> (Minor issue)
+CVE-2014-9489
+	NOT-FOR-US: Gollum wiki
 CVE-2014-9487
 	NOT-FOR-US: Mediawiki extension not packaged in src:mediawiki-extensions
 CVE-2014-9481
@@ -662,6 +668,8 @@
 	[wheezy] - file <not-affected> (Introduced in 5.16)
 	[squeeze] - file <not-affected> (Introduced in 5.16)
 	- php5 <unfixed>
+	[wheezy] - php5 <not-affected> (Vulnerable code not present)
+	[squeeze] - php5 <not-affected> (Vulnerable code not present)
 	NOTE: Report: http://mx.gw.com/pipermail/file/2014/001654.html
 	NOTE: Fix: https://github.com/file/file/commit/65437cee25199dbd385fb35901bc0011e164276c
 	NOTE: Introduced by: https://github.com/file/file/commit/c8451af8ab0c2e2a93ce93b9c68257d31576cc85 (5.16)
@@ -15496,6 +15504,7 @@
 	- cyassl <unfixed> (bug #769905)
 	- dwb <unfixed> (unimportant)
 	- openssl 1.0.1j-1
+	[wheezy] - openssl <no-dsa> (Will be addressed through a point update, #774299)
 	- galeon <unfixed> (unimportant)
 	- gnutls26 <unfixed>
 	[wheezy] - gnutls26 <no-dsa> (Minor issue)




More information about the Secure-testing-commits mailing list