[Secure-testing-commits] r31194 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Jan 8 11:27:37 UTC 2015
Author: jmm
Date: 2015-01-08 11:27:37 +0000 (Thu, 08 Jan 2015)
New Revision: 31194
Modified:
data/CVE/list
Log:
new curl issue
weboob no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-01-08 10:21:55 UTC (rev 31193)
+++ data/CVE/list 2015-01-08 11:27:37 UTC (rev 31194)
@@ -1,5 +1,6 @@
CVE-2015-XXXX [insecure keyring handling]
- - weboob <unfixed> (bug #774838)
+ - weboob <unfixed> (low; bug #774838)
+ [wheezy] - weboob <no-dsa> (Minor issue)
CVE-2015-XXXX [use-after-free]
- privoxy <unfixed>
NOTE: http://www.privoxy.org/announce.txt
@@ -372,6 +373,7 @@
[squeeze] - libhtp <no-dsa> (Minor issue)
NOTE: https://redmine.openinfosecfoundation.org/issues/1272
NOTE: https://github.com/inliniac/libhtp/commit/4acebf251bb6c8343dd5f37f1b48cb38fec4fed4
+ NOTE: CVE request: http://seclists.org/oss-sec/2014/q4/1035
CVE-2014-9485 [miniunzip directory traversal]
RESERVED
- minizip <unfixed> (low; bug #774321)
@@ -4875,6 +4877,7 @@
RESERVED
CVE-2014-8150
RESERVED
+ - curl 7.38.0-4
CVE-2014-8149
RESERVED
CVE-2014-8148 [midgard-core configures D-Bus system bus to be insecure]
More information about the Secure-testing-commits
mailing list