[Secure-testing-commits] r32699 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Mar 9 11:24:12 UTC 2015
Author: jmm
Date: 2015-03-09 11:24:12 +0000 (Mon, 09 Mar 2015)
New Revision: 32699
Modified:
data/CVE/list
Log:
new tcllib issue
filed bugs for libjbcrypt-java and librest
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-03-08 20:40:34 UTC (rev 32698)
+++ data/CVE/list 2015-03-09 11:24:12 UTC (rev 32699)
@@ -1,3 +1,5 @@
+CVE-2015-XXXX [tcllib XSS]
+ - tcllib <unfixed> (low; bug #780100)
CVE-2015-XXXX [ActiveModel::Name to_json Call Infinite Loop Remote DoS]
- rails <unfixed>
- ruby-activemodel-3.2 <removed>
@@ -40,7 +42,7 @@
CVE-2015-2193
RESERVED
CVE-2014-XXXX [Invalid pointer dereference in the GNOME librest library]
- - librest <unfixed>
+ - librest <unfixed> (bug #780101)
[wheezy] - librest <not-affected> (rest_proxy_call_get_url not yet used)
[squeeze] - librest <not-affected> (rest_proxy_call_get_url not yet used)
NOTE: Upstream bug: https://bugzilla.gnome.org/show_bug.cgi?id=742644
@@ -4015,7 +4017,7 @@
CVE-2015-0887 (npppd in the PPP Access Concentrator (PPPAC) on SEIL SEIL/x86 Fuji ...)
TODO: check
CVE-2015-0886 (Integer overflow in the crypt_raw method in the key-stretching ...)
- - libjbcrypt-java <unfixed>
+ - libjbcrypt-java <unfixed> (bug #780102)
CVE-2015-0885 (checkpw 1.02 and earlier allows remote attackers to cause a denial of ...)
TODO: check
CVE-2015-0884 (Unquoted Windows search path vulnerability in Toshiba Bluetooth Stack ...)
More information about the Secure-testing-commits
mailing list