[Secure-testing-commits] r31848 - data/CVE

Fri Jan 30 09:10:20 UTC 2015

Author: sectracker
Date: 2015-01-30 09:10:20 +0000 (Fri, 30 Jan 2015)
New Revision: 31848

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2015-01-30 08:53:39 UTC (rev 31847)
+++ data/CVE/list	2015-01-30 09:10:20 UTC (rev 31848)
@@ -280,12 +280,12 @@
 	[squeeze] - unshield <no-dsa> (Minor issue)
 CVE-2015-1382 [invalid read]
 	RESERVED
-	{DLA-142-1}
+	{DSA-3145-1 DLA-142-1}
 	- privoxy 3.0.21-7 (bug #776490)
 	NOTE: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/parsers.c?r1=1.297&r2=1.298
 CVE-2015-1381 [multiple segmentation faults and memory leaks in the pcrs code]
 	RESERVED
-	{DLA-142-1}
+	{DSA-3145-1 DLA-142-1}
 	- privoxy 3.0.21-7 (bug #776490)
 	NOTE: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/pcrs.c?r1=1.46&r2=1.47
 CVE-2015-1380 [DoS]
@@ -3329,6 +3329,7 @@
 	- openjdk-8 <not-affected> (Specific to Oracle Java, not present in IcedTea)
 	NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown
 CVE-2015-0412 (Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 ...)
+	{DSA-3144-1}
 	- openjdk-6 6b34-1.13.6-1
 	- openjdk-7 7u75-2.5.4-1
 	- openjdk-8 8u40~b22-1
@@ -3339,6 +3340,7 @@
 	- percona-xtradb-cluster-5.5 <undetermined>
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
 CVE-2015-0410 (Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit ...)
+	{DSA-3144-1}
 	- openjdk-6 6b34-1.13.6-1
 	- openjdk-7 7u75-2.5.4-1
 	- openjdk-8 8u40~b22-1
@@ -3349,10 +3351,12 @@
 	NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
 	NOTE: For mariadb-10.0 not clear if affected
 CVE-2015-0408 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and ...)
+	{DSA-3144-1}
 	- openjdk-6 6b34-1.13.6-1
 	- openjdk-7 7u75-2.5.4-1
 	- openjdk-8 8u40~b22-1
 CVE-2015-0407 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and ...)
+	{DSA-3144-1}
 	- openjdk-6 6b34-1.13.6-1
 	- openjdk-7 7u75-2.5.4-1
 	- openjdk-8 8u40~b22-1
@@ -3385,6 +3389,7 @@
 CVE-2015-0396 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
 	NOT-FOR-US: Oracle
 CVE-2015-0395 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and ...)
+	{DSA-3144-1}
 	- openjdk-6 6b34-1.13.6-1
 	- openjdk-7 7u75-2.5.4-1
 	- openjdk-8 8u40~b22-1
@@ -3419,6 +3424,7 @@
 CVE-2015-0384 (Unspecified vulnerability in the Siebel Public Sector component in ...)
 	NOT-FOR-US: Oracle
 CVE-2015-0383 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and ...)
+	{DSA-3144-1}
 	- openjdk-6 6b34-1.13.6-1
 	- openjdk-7 7u75-2.5.4-1
 	- openjdk-8 8u40~b22-1
@@ -11301,6 +11307,7 @@
 CVE-2014-6607 (M/Monit 3.3.2 and earlier does not verify the original password before ...)
 	NOT-FOR-US: M/Monit
 CVE-2014-6601 (Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 ...)
+	{DSA-3144-1}
 	- openjdk-6 6b34-1.13.6-1
 	- openjdk-7 7u75-2.5.4-1
 	- openjdk-8 8u40~b22-1
@@ -11321,12 +11328,14 @@
 CVE-2014-6594 (Unspecified vulnerability in the Oracle iLearning component in Oracle ...)
 	NOT-FOR-US: Oracle iLearning
 CVE-2014-6593 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and ...)
+	{DSA-3144-1}
 	- openjdk-6 6b34-1.13.6-1
 	- openjdk-7 7u75-2.5.4-1
 	- openjdk-8 8u40~b22-1
 CVE-2014-6592 (Unspecified vulnerability in the Oracle OpenSSO component in Oracle ...)
 	NOT-FOR-US: Oracle
 CVE-2014-6591 (Unspecified vulnerability in the Java SE component in Oracle Java SE ...)
+	{DSA-3144-1}
 	- openjdk-6 6b34-1.13.6-1
 	- openjdk-7 7u75-2.5.4-1
 	- openjdk-8 8u40~b22-1
@@ -11344,12 +11353,14 @@
 	[wheezy] - virtualbox <not-affected> (Introduced in 4.3)
 	- virtualbox-ose <not-affected> (Introduced in 4.3)
 CVE-2014-6587 (Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 ...)
+	{DSA-3144-1}
 	- openjdk-6 6b34-1.13.6-1
 	- openjdk-7 7u75-2.5.4-1
 	- openjdk-8 8u40~b22-1
 CVE-2014-6586 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
 	NOT-FOR-US: Oracle
 CVE-2014-6585 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and ...)
+	{DSA-3144-1}
 	- openjdk-6 6b34-1.13.6-1
 	- openjdk-7 7u75-2.5.4-1
 	- openjdk-8 8u40~b22-1
@@ -18797,7 +18808,7 @@
 	{DSA-3053-1 DLA-81-1}
 	- openssl 1.0.1j-1
 CVE-2014-3566 (The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other ...)
-	{DSA-3092-1}
+	{DSA-3144-1 DSA-3092-1}
 	- arora <unfixed> (unimportant)
 	- bouncycastle <not-affected> (SSLv3 needs to be explicitly enabled)
 	NOTE: http://www.kb.cert.org/vuls/id/BLUU-9PYTFQ


