[Secure-testing-commits] r32875 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Mar 15 05:40:24 UTC 2015
Author: carnil
Date: 2015-03-15 05:40:24 +0000 (Sun, 15 Mar 2015)
New Revision: 32875
Modified:
data/CVE/list
Log:
CVE assigned for null pointer dereference issue in libcsoap
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-03-15 04:38:30 UTC (rev 32874)
+++ data/CVE/list 2015-03-15 05:40:24 UTC (rev 32875)
@@ -1631,11 +1631,12 @@
NOTE: code does neither of the following: 1) checking for slashes after decoding
NOTE: 2) checking for ordinary slashes before decoding and prohibiting overlong
NOTE: encodings
-CVE-2015-XXXX [Vulnerabilities in nanohttp]
+CVE-2015-2297 [Remote null pointer dereference]
- libcsoap <unfixed> (bug #778599)
[squeeze] - libcsoap <no-dsa> (Minor issue)
[wheezy] - libcsoap <no-dsa> (Minor issue)
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/17/2
+ NOTE: CVE assigned only for the null pointer dereference, not all issues in
+ NOTE: http://www.openwall.com/lists/oss-security/2015/02/17/2
CVE-2014-9684 (OpenStack Image Registry and Delivery Service (Glance) 2014.2 through ...)
- glance <not-affected> (Only affects 2014.2.x releases, only present in experimental)
[wheezy] - glance <not-affected> (Vulnerable code not present)
More information about the Secure-testing-commits
mailing list