[Secure-testing-commits] r34383 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu May 21 13:58:34 UTC 2015
Author: carnil
Date: 2015-05-21 13:58:34 +0000 (Thu, 21 May 2015)
New Revision: 34383
Modified:
data/CVE/list
Log:
Add bug reference for rsync issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-05-21 09:10:18 UTC (rev 34382)
+++ data/CVE/list 2015-05-21 13:58:34 UTC (rev 34383)
@@ -15917,13 +15917,14 @@
- nova <not-affected> (ESX driver not enabled in libvirt)
NOTE: https://launchpad.net/bugs/1357372
CVE-2014-XXXX [rsync collision attack]
- - rsync <unfixed> (low)
+ - rsync <unfixed> (low; bug #786423)
[jessie] - rsync <no-dsa> (Minor issue, too instrusive to backport)
[wheezy] - rsync <no-dsa> (Minor issue, too instrusive to backport)
[squeeze] - rsync <no-dsa> (Minor issue, too instrusive to backport)
NOTE: CVE-2014-8242 was only specific assigned for librsync but rsync as equivalent issue
NOTE: https://github.com/therealmik/rsync-collision
NOTE: https://git.samba.org/?p=rsync.git;a=commit;h=eac858085e3ac94ec0ab5061d11f52652c90a869
+ NOTE: https://lists.samba.org/archive/rsync/2015-May/030123.html
CVE-2014-8242
RESERVED
- librsync <unfixed> (low; bug #776246)
More information about the Secure-testing-commits
mailing list