[Secure-testing-commits] r32679 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Mar 6 17:28:59 UTC 2015
Author: carnil
Date: 2015-03-06 17:28:59 +0000 (Fri, 06 Mar 2015)
New Revision: 32679
Modified:
data/CVE/list
Log:
Update information for CVE-2014-8154/vala-0.26
Add fixed version from gregoa's NMU (not yet in the archive) and note
about packages which need potentially a rebuild.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-03-06 15:38:07 UTC (rev 32678)
+++ data/CVE/list 2015-03-06 17:28:59 UTC (rev 32679)
@@ -10165,12 +10165,14 @@
- gnutls28 <not-affected> (Initial version 3.0.0-1 already contained the check based on 2.9.10)
NOTE: Fixed by: https://gitorious.org/gnutls/gnutls/commit/897cbce62c0263a498088ac3e465aa5f05f8719c
CVE-2014-8154 (The Gst.MapInfo function in Vala 0.26.0 and 0.26.1 uses an incorrect ...)
- - vala-0.26 <unfixed> (bug #775913)
+ - vala-0.26 0.26.1-1.1 (bug #775913)
- vala-0.16 <not-affected> (MapInfo not yet present)
- vala-0.14 <not-affected> (MapInfo not yet present)
- vala <not-affected> (MapInfo not yet present)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=678663
NOTE: https://git.gnome.org/browse/vala/commit/?id=3092537db65887e24a3d3e87a27caf9c5295e4f7
+ NOTE: Binaries with buggy bindings package that use Gst.MapInfo() function
+ NOTE: are affected as well and need to be rebuilt, shotwell, rygel, ...
CVE-2014-8153 (The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using ...)
- neutron <not-affected> (Affects neutron 2014.2 up to 2014.2.1)
CVE-2014-8152 (Apache Santuario XML Security for Java 2.0.x before 2.0.3 allows ...)
More information about the Secure-testing-commits
mailing list