[Secure-testing-commits] r31848 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Fri Jan 30 09:10:20 UTC 2015
Author: sectracker
Date: 2015-01-30 09:10:20 +0000 (Fri, 30 Jan 2015)
New Revision: 31848
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-01-30 08:53:39 UTC (rev 31847)
+++ data/CVE/list 2015-01-30 09:10:20 UTC (rev 31848)
@@ -280,12 +280,12 @@
[squeeze] - unshield <no-dsa> (Minor issue)
CVE-2015-1382 [invalid read]
RESERVED
- {DLA-142-1}
+ {DSA-3145-1 DLA-142-1}
- privoxy 3.0.21-7 (bug #776490)
NOTE: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/parsers.c?r1=1.297&r2=1.298
CVE-2015-1381 [multiple segmentation faults and memory leaks in the pcrs code]
RESERVED
- {DLA-142-1}
+ {DSA-3145-1 DLA-142-1}
- privoxy 3.0.21-7 (bug #776490)
NOTE: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/pcrs.c?r1=1.46&r2=1.47
CVE-2015-1380 [DoS]
@@ -3329,6 +3329,7 @@
- openjdk-8 <not-affected> (Specific to Oracle Java, not present in IcedTea)
NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown
CVE-2015-0412 (Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 ...)
+ {DSA-3144-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
@@ -3339,6 +3340,7 @@
- percona-xtradb-cluster-5.5 <undetermined>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
CVE-2015-0410 (Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit ...)
+ {DSA-3144-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
@@ -3349,10 +3351,12 @@
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
NOTE: For mariadb-10.0 not clear if affected
CVE-2015-0408 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and ...)
+ {DSA-3144-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
CVE-2015-0407 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and ...)
+ {DSA-3144-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
@@ -3385,6 +3389,7 @@
CVE-2015-0396 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
NOT-FOR-US: Oracle
CVE-2015-0395 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and ...)
+ {DSA-3144-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
@@ -3419,6 +3424,7 @@
CVE-2015-0384 (Unspecified vulnerability in the Siebel Public Sector component in ...)
NOT-FOR-US: Oracle
CVE-2015-0383 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and ...)
+ {DSA-3144-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
@@ -11301,6 +11307,7 @@
CVE-2014-6607 (M/Monit 3.3.2 and earlier does not verify the original password before ...)
NOT-FOR-US: M/Monit
CVE-2014-6601 (Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 ...)
+ {DSA-3144-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
@@ -11321,12 +11328,14 @@
CVE-2014-6594 (Unspecified vulnerability in the Oracle iLearning component in Oracle ...)
NOT-FOR-US: Oracle iLearning
CVE-2014-6593 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and ...)
+ {DSA-3144-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
CVE-2014-6592 (Unspecified vulnerability in the Oracle OpenSSO component in Oracle ...)
NOT-FOR-US: Oracle
CVE-2014-6591 (Unspecified vulnerability in the Java SE component in Oracle Java SE ...)
+ {DSA-3144-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
@@ -11344,12 +11353,14 @@
[wheezy] - virtualbox <not-affected> (Introduced in 4.3)
- virtualbox-ose <not-affected> (Introduced in 4.3)
CVE-2014-6587 (Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 ...)
+ {DSA-3144-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
CVE-2014-6586 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component ...)
NOT-FOR-US: Oracle
CVE-2014-6585 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and ...)
+ {DSA-3144-1}
- openjdk-6 6b34-1.13.6-1
- openjdk-7 7u75-2.5.4-1
- openjdk-8 8u40~b22-1
@@ -18797,7 +18808,7 @@
{DSA-3053-1 DLA-81-1}
- openssl 1.0.1j-1
CVE-2014-3566 (The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other ...)
- {DSA-3092-1}
+ {DSA-3144-1 DSA-3092-1}
- arora <unfixed> (unimportant)
- bouncycastle <not-affected> (SSLv3 needs to be explicitly enabled)
NOTE: http://www.kb.cert.org/vuls/id/BLUU-9PYTFQ
More information about the Secure-testing-commits
mailing list