[Secure-testing-commits] r31842 - data/CVE

[Paul Wise]

Author: pabs
Date: 2015-01-30 07:43:02 +0000 (Fri, 30 Jan 2015)
New Revision: 31842

Modified:
   data/CVE/list
Log:
Add another nodesecurity.io issue in node-marked.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-01-30 07:31:59 UTC (rev 31841)
+++ data/CVE/list	2015-01-30 07:43:02 UTC (rev 31842)
@@ -1,3 +1,8 @@
+CVE-2015-XXXX (regular expression denial of service)
+	- node-marked <unfixed> (unimportant)
+	NOTE: https://nodesecurity.io/advisories/marked_redos
+	NOTE: https://github.com/chjj/marked/issues/497
+	NOTE: libv8 is not covered by security support
 CVE-2015-XXXX [directory traversal]
 	- archmage <unfixed> (bug #776164)
 CVE-2015-1419 (Unspecified vulnerability in vsftp 3.0.2 and earlier allows remote ...)