[Secure-testing-commits] r31398 - in data: . CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Fri Jan 16 19:42:20 UTC 2015
Author: jmm
Date: 2015-01-16 19:42:19 +0000 (Fri, 16 Jan 2015)
New Revision: 31398
Modified:
data/CVE/list
data/dsa-needed.txt
Log:
ppmd no-dsa
glance n/a
gparted no-dsa
openjdk-7 no-dsa
add squid to dsa-needed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-01-16 19:38:55 UTC (rev 31397)
+++ data/CVE/list 2015-01-16 19:42:19 UTC (rev 31398)
@@ -5,10 +5,14 @@
- pxz <unfixed> (bug #775306)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/01/16/5
CVE-2015-XXXX [directory traversal vulnerabilities]
- - ppmd <unfixed> (bug #775218)
+ - ppmd <unfixed> (low; bug #775218)
+ [squeeze] - ppmd <no-dsa> (Minor issue)
+ [wheezy] - ppmd <no-dsa> (Minor issue)
+ [jessie] - ppmd <no-dsa> (Minor issue)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/01/16/4
CVE-2015-XXXX [Glance v2 API unrestricted path traversal through filesystem:// scheme]
- glance <unfixed>
+ [wheezy] - glance <not-affected> (Vulnerable code not present)
NOTE: up to 2014.1.3 and 2014.2 versions up to 2014.2.1
CVE-2014-XXXX [TYPO3-CORE-SA-2014-002: Multiple Vulnerabilities in TYPO3 CMS]
- typo3-src <unfixed> (bug #766502)
@@ -1358,6 +1362,7 @@
CVE-2015-XXXX [jar: directory traversal]
- openjdk-8 <undetermined>
- openjdk-7 <unfixed> (bug #774953)
+ [wheezy] - openjdk-7 <no-dsa> (Can be fixed when/if fixed in an Oracle CPU update)
- openjdk-6 <undetermined>
TODO: check
NOTE: Reported to Oracle, no reply so far
@@ -8577,6 +8582,8 @@
- mime-support 3.58
CVE-2014-7208 (GParted before 0.15.0 allows local users to execute arbitrary commands ...)
- gparted 0.16.1-1
+ [wheezy] - gparted <no-dsa> (Minor issue)
+ [squeeze] - gparted <no-dsa> (Minor issue)
CVE-2014-7207 (A certain Debian patch to the IPv6 implementation in the Linux kernel ...)
{DSA-3060-1}
- linux <not-affected> (Issue specific to 3.2.x)
Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt 2015-01-16 19:38:55 UTC (rev 31397)
+++ data/dsa-needed.txt 2015-01-16 19:42:19 UTC (rev 31398)
@@ -47,6 +47,8 @@
--
smarty3
--
+squid
+--
tomcat6
--
tomcat7
More information about the Secure-testing-commits
mailing list