[Secure-testing-commits] r32653 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Mar 5 18:12:50 UTC 2015
Author: jmm
Date: 2015-03-05 18:12:50 +0000 (Thu, 05 Mar 2015)
New Revision: 32653
Modified:
data/CVE/list
Log:
one patch issue n/a for squeeze/wheezy
NMUed cpio
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-03-05 16:53:22 UTC (rev 32652)
+++ data/CVE/list 2015-03-05 18:12:50 UTC (rev 32653)
@@ -2917,6 +2917,8 @@
CVE-2014-9637 [With a specific file, patch goes to infinite loop and eats all CPU time]
RESERVED
- patch 2.7.1-7
+ [wheezy] - patch <not-affected> (Vulnerability introduced later)
+ [squeeze] - patch <not-affected> (Vulnerability introduced later)
NOTE: https://savannah.gnu.org/bugs/?44051
NOTE: http://git.savannah.gnu.org/cgit/patch.git/commit/?id=0c08d7a902c6fdd49b704623a12d8d672ef18944
CVE-2015-XXXX [race condition between fur and fex_cleanup may create internal instead of external user]
@@ -4832,7 +4834,7 @@
NOTE: http://www.privoxy.org/announce.txt
NOTE: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/cgisimple.c?view=patch&r1=1.130&r2=1.131&pathrev=v_3_0_22
CVE-2015-1197 (cpio 2.11, when using the --no-absolute-filenames option, allows local ...)
- - cpio <unfixed> (low; bug #774669)
+ - cpio 2.11+dfsg-4.1 (low; bug #774669)
[wheezy] - cpio <no-dsa> (Minor issue)
[squeeze] - cpio <no-dsa> (Minor issue)
NOTE: Patch used in SUSE: https://bugzilla.suse.com/attachment.cgi?id=599460&action=diff
More information about the Secure-testing-commits
mailing list