[Secure-testing-commits] r37857 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Nov 24 14:41:18 UTC 2015
Author: carnil
Date: 2015-11-24 14:41:18 +0000 (Tue, 24 Nov 2015)
New Revision: 37857
Modified:
data/CVE/list
Log:
Add note to clarify not-affected for jessie of CVE-2015-5286
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-11-24 14:36:22 UTC (rev 37856)
+++ data/CVE/list 2015-11-24 14:41:18 UTC (rev 37857)
@@ -7855,6 +7855,8 @@
- glance 1:11.0.0-1 (bug #800741)
[wheezy] - glance <not-affected> (Vulnerable code not present)
[jessie] - glance <not-affected> (Vulnerable code not present)
+ NOTE: jessie: According to confirmation via upstream the fix for CVE-2014-9623
+ NOTE: was complete here so CVE-2015-5286 not affecting jessie.
NOTE: <=2014.2.3, >=2015.1.0, <=2015.1.1
CVE-2015-5285 (CRLF injection vulnerability in Kallithea before 0.3 allows remote ...)
- kallithea <itp> (bug #689573)
More information about the Secure-testing-commits
mailing list