[Secure-testing-commits] r32723 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Mar 9 21:16:59 UTC 2015
Author: jmm
Date: 2015-03-09 21:16:59 +0000 (Mon, 09 Mar 2015)
New Revision: 32723
Modified:
data/CVE/list
Log:
tcllib, suricata no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-03-09 21:10:15 UTC (rev 32722)
+++ data/CVE/list 2015-03-09 21:16:59 UTC (rev 32723)
@@ -68,6 +68,7 @@
TODO: check
CVE-2015-XXXX [tcllib XSS]
- tcllib 1.16-dfsg-2 (low; bug #780100)
+ [wheezy] - tcllib <no-dsa> (Minor issue, will be fixed in a point update)
CVE-2015-XXXX [ActiveModel::Name to_json Call Infinite Loop Remote DoS]
- rails <unfixed>
- ruby-activemodel-3.2 <removed>
@@ -328,11 +329,14 @@
NOTE: Upstream patch: https://github.com/ge-ne/bibtool/commit/c6ed92c556f28ca2c738972c647486f9e11424bf
CVE-2015-XXXX [dcerpc: exit()'s on malloc failure]
- suricata <unfixed>
+ [wheezy] - suricata <no-dsa> (Unusable in wheezy, planned for removal)
NOTE: https://github.com/inliniac/suricata/commit/89017d0b03bf715a3f4e11b612c6c7a23549304a
NOTE: Fixed in suricata 2.0.7 upstream
CVE-2015-XXXX [http uri parsing issue]
- libhtp <unfixed>
+ [wheezy] - libhtp <no-dsa> (Unusable in wheezy, planned for removal)
- suricata <unfixed>
+ [wheezy] - suricata <no-dsa> (Unusable in wheezy, planned for removal)
NOTE: https://redmine.openinfosecfoundation.org/issues/1391
NOTE: https://github.com/OISF/libhtp/commit/1a6c9465fb641f81460392f622d1878d5e87fc00
NOTE: Fixed in suricata 2.0.7 and Libhtp 0.5.17 upstream
@@ -3713,6 +3717,7 @@
CVE-2015-0928 [DCERPC traffic parsing issue]
RESERVED
- suricata <unfixed>
+ [wheezy] - suricata <no-dsa> (Unusable in wheezy, planned for removal)
NOTE: https://redmine.openinfosecfoundation.org/issues/1385
NOTE: Commit: https://github.com/inliniac/suricata/commit/56196ace51395fcb2d8fc30d586e9ad782306d31
NOTE: Fixed upstream in 2.0.7
More information about the Secure-testing-commits
mailing list