[Secure-testing-commits] r31492 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Sun Jan 18 11:17:03 UTC 2015 

Author: jmm
Date: 2015-01-18 11:17:03 +0000 (Sun, 18 Jan 2015)
New Revision: 31492

Modified:
   data/CVE/list
Log:
arj no-dsa
fix up older openjdk and openoffice issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-01-18 11:00:40 UTC (rev 31491)
+++ data/CVE/list	2015-01-18 11:17:03 UTC (rev 31492)
@@ -2099,11 +2099,13 @@
 CVE-2015-0557 [directory traversal via //multiple/leading/slash]
 	RESERVED
 	- arj <unfixed> (low; bug #774435)
+	[jessie] - arj <no-dsa> (Minor issue)
 	[squeeze] - arj <no-dsa> (Minor issue)
 	[wheezy] - arj <no-dsa> (Minor issue)
 CVE-2015-0556 [symlink directory traversal]
 	RESERVED
 	- arj <unfixed> (low; bug #774434)
+	[jessie] - arj <no-dsa> (Minor issue)
 	[squeeze] - arj <no-dsa> (Minor issue)
 	[wheezy] - arj <no-dsa> (Minor issue)
 CVE-2014-9529 (Race condition in the key_gc_unused_keys function in ...)
@@ -72668,9 +72670,7 @@
 	NOT-FOR-US: A Really Simple Chat
 CVE-2011-2177
 	RESERVED
-	- libreoffice <undetermined>
-	- openoffice.org <undetermined>
-	NOTE: no known details
+	NOT-FOR-US: Claimed older OpenOffice vulnerability, which was never disclosed
 CVE-2011-2176 (GNOME NetworkManager before 0.8.6 does not properly enforce the ...)
 	- network-manager 0.9.0-1 (low; bug #631520)
 	[squeeze] - network-manager <no-dsa> (Minor issue)
@@ -105275,7 +105275,8 @@
 CVE-2009-0733 (Multiple stack-based buffer overflows in the ReadSetOfCurves function ...)
 	{DSA-1769-1 DSA-1745-1}
 	- lcms 1.18.dfsg-1 (bug #522446)
-	- openjdk-6 <undetermined>
+	- openjdk-6 6b18-1.8.13-0+squeeze2
+        NOTE: Marking the current oldstable version as fixed, but likely fixed way earlier
 CVE-2009-0732 (Downloadcenter 2.1 stores common.h under the web root with ...)
 	NOT-FOR-US: Downloadcenter
 CVE-2009-0731 (Directory traversal vulnerability in pages/play.php in Free Arcade ...)
@@ -105297,7 +105298,8 @@
 CVE-2009-0723 (Multiple integer overflows in LittleCMS (aka lcms or liblcms) before ...)
 	{DSA-1769-1 DSA-1745-1}
 	- lcms 1.18.dfsg-1 (bug #522446)
-	- openjdk-6 <undetermined>
+	- openjdk-6 6b18-1.8.13-0+squeeze2
+        NOTE: Marking the current oldstable version as fixed, but likely fixed way earlier
 CVE-2009-0722 (Directory traversal vulnerability in admin.php in Potato News 1.0.0 ...)
 	NOT-FOR-US: Potato News
 CVE-2009-0721 (Unspecified vulnerability in Easy Login in the Sender module in HP ...)

More information about the Secure-testing-commits mailing list