[Secure-testing-commits] r31692 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Mon Jan 26 13:12:38 UTC 2015


Author: jmm
Date: 2015-01-26 13:12:38 +0000 (Mon, 26 Jan 2015)
New Revision: 31692

Modified:
   data/CVE/list
Log:
pax no-dsa
json-glib unimportant


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-01-26 12:29:50 UTC (rev 31691)
+++ data/CVE/list	2015-01-26 13:12:38 UTC (rev 31692)
@@ -1267,11 +1267,13 @@
 	- sqlite3 <undetermined>
 	NOTE: https://www.sqlite.org/src/info/a59ae93ee990a55
 CVE-2015-1194 (pax 1:20140703 allows remote attackers to write to arbitrary files via ...)
-	- pax <unfixed> (bug #774716)
+	- pax <unfixed> (low; bug #774716)
+	[jessie] - pax <no-dsa> (Minor issue)
 	[squeeze] - pax <no-dsa> (Minor issue)
 	[wheezy] - pax <no-dsa> (Minor issue)
 CVE-2015-1193 (Multiple directory traversal vulnerabilities in pax 1:20140703 allow ...)
-	- pax <unfixed> (bug #774716)
+	- pax <unfixed> (low; bug #774716)
+	[jessie] - pax <no-dsa> (Minor issue)
 	[squeeze] - pax <no-dsa> (Minor issue)
 	[wheezy] - pax <no-dsa> (Minor issue)
 CVE-2015-1192 (Absolute path traversal vulnerability in kgb 1.0b4 allows remote ...)
@@ -3235,9 +3237,10 @@
 	NOTE: up to 2014.1.3 and 2014.2 version up to 2014.2.1
 	NOTE: fixed in experimental with 2014.2.1-2
 CVE-2014-XXXX
-	- json-glib <unfixed> (low; bug #772585)
+	- json-glib <unfixed> (unimportant; bug #772585)
 	[squeeze] - json-glib <not-affected> (Tool not yet present)
 	[wheezy] - json-glib <not-affected> (Tool not yet present)
+        NOTE: Negligable security impact
 CVE-2014-9475 (Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki ...)
 	{DSA-3110-1}
 	- mediawiki 1:1.19.20+dfsg-2.2 (bug #773654)




More information about the Secure-testing-commits mailing list