[Secure-testing-commits] r36491 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Sep 5 15:37:42 UTC 2015
Author: carnil
Date: 2015-09-05 15:37:42 +0000 (Sat, 05 Sep 2015)
New Revision: 36491
Modified:
data/CVE/list
Log:
First round checked after jessie point release
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-09-05 14:32:30 UTC (rev 36490)
+++ data/CVE/list 2015-09-05 15:37:42 UTC (rev 36491)
@@ -5227,7 +5227,7 @@
- wesnoth-1.13 1:1.13.1-1
- wesnoth-1.12 1:1.12.4-1
- wesnoth-1.10 <removed>
- [jessie] - wesnoth-1.10 <no-dsa> (Minor issue, can be fixed through pu)
+ [jessie] - wesnoth-1.10 1:1.10.7-2+deb8u1
[wheezy] - wesnoth-1.10 <no-dsa> (Minor issue, can be fixed through pu)
- wesnoth-1.8 <removed>
NOTE: https://github.com/wesnoth/wesnoth/commit/b2738ffb2fdd2550ececb74f76f75583c43c8b59
@@ -5237,7 +5237,7 @@
- wesnoth-1.13 1:1.13.1-1
- wesnoth-1.12 1:1.12.4-1
- wesnoth-1.10 <removed>
- [jessie] - wesnoth-1.10 <no-dsa> (Minor issue, can be fixed through pu)
+ [jessie] - wesnoth-1.10 1:1.10.7-2+deb8u1
[wheezy] - wesnoth-1.10 <no-dsa> (Minor issue, can be fixed through pu)
- wesnoth-1.8 <removed>
NOTE: https://github.com/wesnoth/wesnoth/commit/f8914468182e8d0a1551b430c0879ba236fe4d6d
@@ -7948,7 +7948,7 @@
[wheezy] - dcraw <no-dsa> (Minor issue)
[squeeze] - dcraw <no-dsa> (Minor issue)
- ufraw 0.20-3 (bug #786783)
- [jessie] - ufraw <no-dsa> (Minor issue)
+ [jessie] - ufraw 0.20-2+deb8u1
[wheezy] - ufraw <no-dsa> (Minor issue)
[squeeze] - ufraw <no-dsa> (Minor issue)
- libraw 0.16.2-1 (bug #786788)
@@ -7956,7 +7956,7 @@
[wheezy] - libraw <no-dsa> (Minor issue)
[squeeze] - libraw <no-dsa> (Minor issue)
- rawtherapee 4.2-2
- [jessie] - rawtherapee <no-dsa> (Minor issue)
+ [jessie] - rawtherapee 4.2-1+deb8u1
[wheezy] - rawtherapee <no-dsa> (Minor issue)
[squeeze] - rawtherapee <no-dsa> (Minor issue)
- rawstudio <removed>
@@ -8474,7 +8474,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2015/05/13/9
CVE-2015-XXXX [GNUTLS-SA-2015-2]
- gnutls28 3.3.15-1
- [jessie] - gnutls28 <no-dsa> (Minor issue; Can be fixed along with a future DSA)
+ [jessie] - gnutls28 3.3.8-6+deb8u2
- gnutls26 <removed>
[wheezy] - gnutls26 <no-dsa> (Minor issue; Can be fixed along with a future DSA)
[squeeze] - gnutls26 <not-affected> (TLS1.2 not supported)
@@ -8673,7 +8673,7 @@
CVE-2015-3420 [SSL/TLS handshake failures leading to a crash of the login process]
RESERVED
- dovecot 1:2.2.13-12 (bug #783649)
- [jessie] - dovecot <no-dsa> (Minor issue, can be fixed through a pu)
+ [jessie] - dovecot 1:2.2.13-12~deb8u1
[wheezy] - dovecot <not-affected> (Problematic patch introducing the issue not applied)
[squeeze] - dovecot <not-affected> (Vulnerable code not present & not reproducible)
NOTE: http://www.openwall.com/lists/oss-security/2015/04/26/3
@@ -13531,10 +13531,10 @@
NOTE: Fix: http://git.tuxfamily.org/chrony/chrony.git/commit/?h=1.31-security&id=d856bd34c4862398411d29200520e3a3b1d4569e
CVE-2015-1852 (The s3_token middleware in OpenStack keystonemiddleware before 1.6.0 ...)
- python-keystonemiddleware 1.5.0-2
- [jessie] - python-keystonemiddleware <no-dsa> (Minor issue)
+ [jessie] - python-keystonemiddleware 1.0.0-3+deb8u1
- python-keystoneclient 1:1.3.0-2 (bug #783164)
NOTE: originally fixed in 1:0.10.1-3 but then 1:1.3.0-1 was uploaded without the fix
- [jessie] - python-keystoneclient <no-dsa> (Minor issue)
+ [jessie] - python-keystoneclient 1:0.10.1-2+deb8u1
[wheezy] - python-keystoneclient <not-affected> (s3_token middleware not present)
NOTE: https://launchpad.net/bugs/1411063
CVE-2015-1851 (OpenStack Cinder before 2014.1.5 (icehouse), 2014.2.x before 2014.2.4 ...)
More information about the Secure-testing-commits
mailing list