[Secure-testing-commits] r36888 - data/CVE
Raphaël Hertzog
hertzog at moszumanska.debian.org
Tue Sep 29 14:36:54 UTC 2015
Author: hertzog
Date: 2015-09-29 14:36:54 +0000 (Tue, 29 Sep 2015)
New Revision: 36888
Modified:
data/CVE/list
Log:
Update mininal version of vlc with fix for CVE-2014-9743
jessie is not affected, other releases are, but mark
is as no-dsa for squeeze.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-09-29 14:21:22 UTC (rev 36887)
+++ data/CVE/list 2015-09-29 14:36:54 UTC (rev 36888)
@@ -2603,8 +2603,8 @@
CVE-2015-6253
RESERVED
CVE-2014-9743 (Cross-site scripting (XSS) vulnerability in the httpd_HtmlError ...)
- - vlc 2.2.1-4
- NOTE: might be fixed earlier, but this was the version checked
+ - vlc 2.2.0~rc2-1
+ [squeeze] - vlc <no-dsa> (Minor issue)
CVE-2015-6526 (The perf_callchain_user_64 function in arch/powerpc/perf/callchain.c ...)
- linux 4.1.3-1
[jessie] - linux 3.16.7-ckt11-1
More information about the Secure-testing-commits
mailing list