[Secure-testing-commits] r34038 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Sat May 2 21:10:17 UTC 2015 

Author: sectracker
Date: 2015-05-02 21:10:17 +0000 (Sat, 02 May 2015)
New Revision: 34038

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-05-02 17:54:20 UTC (rev 34037)
+++ data/CVE/list	2015-05-02 21:10:17 UTC (rev 34038)
@@ -1549,11 +1549,13 @@
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/04/03/12
 CVE-2015-3013 [Bypass of file blacklist]
 	RESERVED
+	{DSA-3244-1}
 	[experimental] - owncloud 7.0.5+dfsg-1
 	- owncloud 7.0.4+dfsg-3
 	NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-004
 CVE-2015-3012 [Multiple stored XSS in "documents" application]
 	RESERVED
+	{DSA-3244-1}
 	[experimental] - owncloud 7.0.5+dfsg-1
 	- owncloud 7.0.4+dfsg-3
 	- owncloud-documents <itp> (bug #779358)
@@ -1561,6 +1563,7 @@
 	NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-002
 CVE-2015-3011 [Multiple stored XSS in "contacts" application]
 	RESERVED
+	{DSA-3244-1}
 	[experimental] - owncloud 7.0.5+dfsg-1
 	- owncloud 7.0.4+dfsg-3
 	- ownclound-contacts <itp> (bug #779055)
@@ -4292,6 +4295,7 @@
 	NOTE: https://launchpad.net/bugs/1430645
 CVE-2015-1855 [OpenSSL extension hostname matching implementation violates RFC 6125]
 	RESERVED
+	{DSA-3247-1 DSA-3246-1 DSA-3245-1}
 	- ruby1.8 <removed>
 	- ruby1.9.1 <removed>
 	- ruby2.0 <removed>
@@ -21589,6 +21593,7 @@
 	NOTE: https://github.com/cogdog/feed2js/pull/12#issuecomment-48283706
 CVE-2014-5008 [Incorrect fix for CVE-2008-4796, escapeshellarg required]
 	RESERVED
+	{DSA-3248-1}
 	- libphp-snoopy 2.0.0-1 (bug #778634)
 	NOTE: http://mstrokin.com/sec/feed2js-magpierss-0day-vulnerability-not-really-it-is-actually-cve-2005-3330-cve-2008-4796/
 	NOTE: This issue exists because of an incorrect fix for CVE-2008-4796 (i.e., use of escapeshellcmd where escapeshellarg was required).
@@ -59955,6 +59960,7 @@
 	NOT-FOR-US: Websense
 CVE-2008-7313 [Incomplete fix for CVE-2008-4796]
 	RESERVED
+	{DSA-3248-1}
 	- libphp-snoopy 2.0.0-1 (bug #778634)
 	NOTE: additional commit missing, so fix for CVE-2008-4796 was incomplete
 	NOTE: http://snoopy.cvs.sourceforge.net/viewvc/snoopy/Snoopy/Snoopy.class.php?view=log#rev1.27

More information about the Secure-testing-commits mailing list