[Secure-testing-commits] r32721 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Mar 9 19:38:30 UTC 2015
Author: jmm
Date: 2015-03-09 19:38:30 +0000 (Mon, 09 Mar 2015)
New Revision: 32721
Modified:
data/CVE/list
Log:
389-ds-base fixed
novnc n/a for stable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-03-09 19:27:18 UTC (rev 32720)
+++ data/CVE/list 2015-03-09 19:38:30 UTC (rev 32721)
@@ -1407,6 +1407,7 @@
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=942080643bce061c3dd9d5718d3b745dcb39a8bc (v3.19-rc1)
CVE-2013-XXXX [session hijack through insecurely set session token cookies]
- novnc 1:0.4+dfsg+1+20131010+gitf68af8af3d-4 (bug #778618)
+ [wheezy] - novnc <not-affected> (Only an issue in combination with later OpenStack components)
NOTE: https://github.com/kanaka/noVNC/commit/ad941faddead705cd611921730054767a0b32dcd
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/17/1
CVE-2015-2091 [vulnerability involving the server config context]
@@ -10372,7 +10373,7 @@
RESERVED
CVE-2014-8112 [password hashing bypassed when "nsslapd-unhashed-pw-switch" is set to off]
RESERVED
- - 389-ds-base <unfixed> (bug #779909)
+ - 389-ds-base 1.3.3.5-4 (bug #779909)
CVE-2014-8111
RESERVED
CVE-2014-8110 (Multiple cross-site scripting (XSS) vulnerabilities in the web based ...)
@@ -10398,7 +10399,7 @@
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2014-12/msg00508.html
CVE-2014-8105 [information disclosure through 'cn=changelog' subtree]
RESERVED
- - 389-ds-base <unfixed> (bug #779909)
+ - 389-ds-base 1.3.3.5-4 (bug #779909)
CVE-2014-8103 (X.Org Server (aka xserver and xorg-server) 1.15.0 through 1.16.x ...)
- xorg-server 2:1.16.2.901-1
[wheezy] - xorg-server <not-affected> (Introduced in 1.15.0)
More information about the Secure-testing-commits
mailing list