[Secure-testing-commits] r31467 - in data: CVE DSA
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Jan 17 23:06:05 UTC 2015
Author: carnil
Date: 2015-01-17 23:06:05 +0000 (Sat, 17 Jan 2015)
New Revision: 31467
Modified:
data/CVE/list
data/DSA/list
Log:
Add CVE-2014-9620 for file DSA
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-01-17 23:03:21 UTC (rev 31466)
+++ data/CVE/list 2015-01-17 23:06:05 UTC (rev 31467)
@@ -2479,7 +2479,6 @@
CVE-2014-9620 [Limit the number of ELF notes processed - DoS]
- file 1:5.21+15-1
[squeeze] - file <not-affected> (Introduced in 5.08)
- [wheezy] - file 5.11-2+deb7u7
- php5 <not-affected> (readelf.c not used and even removed in 5.4.36-0+deb7u3)
NOTE: Report: http://mx.gw.com/pipermail/file/2014/001653.html
NOTE: Fix: https://github.com/file/file/commit/ce90e05774dd77d86cfc8dfa6da57b32816841c4
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2015-01-17 23:03:21 UTC (rev 31466)
+++ data/DSA/list 2015-01-17 23:06:05 UTC (rev 31467)
@@ -28,7 +28,7 @@
{CVE-2014-8150}
[wheezy] - curl 7.26.0-1+wheezy12
[08 Jan 2015] DSA-3121-1 file - security update
- {CVE-2014-8116 CVE-2014-8117}
+ {CVE-2014-8116 CVE-2014-8117 CVE-2014-9620}
[wheezy] - file 5.11-2+deb7u7
[06 Jan 2015] DSA-3120-1 mantis - security update
{CVE-2014-6316 CVE-2014-7146 CVE-2014-8553 CVE-2014-8554 CVE-2014-8598 CVE-2014-8986 CVE-2014-8988 CVE-2014-9089 CVE-2014-9117 CVE-2014-9269 CVE-2014-9270 CVE-2014-9271 CVE-2014-9272 CVE-2014-9280 CVE-2014-9281 CVE-2014-9388 CVE-2014-9506 CVE-2014-6387 CVE-2013-4460 CVE-2013-1934 CVE-2013-1811}
More information about the Secure-testing-commits
mailing list