[Secure-testing-commits] r31462 - data/CVE
Florian Weimer
fw at moszumanska.debian.org
Sat Jan 17 22:41:20 UTC 2015
Author: fw
Date: 2015-01-17 22:41:20 +0000 (Sat, 17 Jan 2015)
New Revision: 31462
Modified:
data/CVE/list
Log:
apport is only in experimental
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-01-17 22:39:14 UTC (rev 31461)
+++ data/CVE/list 2015-01-17 22:41:20 UTC (rev 31462)
@@ -44092,7 +44092,7 @@
[wheezy] - cinder <not-affected> (Vulnerable code not present)
NOTE: Requires includedir to be defined in /etc/sudoers file
CVE-2013-1067 (Apport 2.12.5 and earlier uses weak permissions for core dump files ...)
- - apport 2.12.6-1 (bug #727661)
+ [experimental] - apport 2.12.6-1 (bug #727661)
NOTE: apport only in experimental, so we cannot track this in security-tracker
NOTE: add it, as we have a explicit bug reference for apport
CVE-2013-1066 (language-selector 0.110.x before 0.110.1, 0.90.x before 0.90.1, and ...)
@@ -102679,7 +102679,7 @@
NOTE: encrypted home directories with ecryptfs, so no passphrase is stored in the
NOTE: installer logs on disk
CVE-2009-1295 (Apport before 0.108.4 on Ubuntu 8.04 LTS, before 0.119.2 on Ubuntu ...)
- - apport <not-affected> (Fixed before initial upload into Debian)
+ [experimental] - apport <not-affected> (Fixed before initial upload into Debian)
CVE-2009-1294 (Multiple cross-site scripting (XSS) vulnerabilities in web/guest/home ...)
NOT-FOR-US: Novell Teaming
CVE-2009-1293 (The web login functionality (c/portal/login) in Novell Teaming 1.0 ...)
More information about the Secure-testing-commits
mailing list