[Secure-testing-commits] r40945 - data/CVE

Luciano Bello luciano at moszumanska.debian.org
Thu Apr 14 23:17:07 UTC 2016 

Author: luciano
Date: 2016-04-14 23:17:07 +0000 (Thu, 14 Apr 2016)
New Revision: 40945

Modified:
   data/CVE/list
Log:
more broken links fixing

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-04-14 22:08:45 UTC (rev 40944)
+++ data/CVE/list	2016-04-14 23:17:07 UTC (rev 40945)
@@ -92251,7 +92251,7 @@
 CVE-2012-2807 (Multiple integer overflows in libxml2, as used in Google Chrome before ...)
 	{DSA-2521-1}
 	- libxml2 2.8.0+dfsg1-5 (bug #679280)
-	NOTE: http://git.chromium.org/gitweb/?p=chromium/src.git;a=patch;h=f183580d61c054f7f6bb35cfe29e1b342390fbebcd
+	NOTE: https://git.gnome.org/browse/libxml2/commit/?id=459eeb9dc752d5185f57ff6b135027f11981a626
 CVE-2012-2806 (Heap-based buffer overflow in the get_sos function in jdmarker.c in ...)
 	- libjpeg-turbo <not-affected> (Fixed before initial release)
 CVE-2012-2805
@@ -152199,7 +152199,7 @@
 CVE-2008-2235 (OpenSC before 0.11.5 uses weak permissions (ADMIN file control ...)
 	{DSA-1627-2}
 	- opensc 0.11.4-4
-	NOTE: http://www.opensc-project.org/security.html
+	NOTE: https://web.archive.org/web/20081222095654/http://www.opensc-project.org/security.html
 CVE-2008-2234 (Multiple buffer overflows in Openwsman 1.2.0 and 2.0.0 allow remote ...)
 	NOT-FOR-US: Openwsman
 CVE-2008-2233 (The client in Openwsman 1.2.0 and 2.0.0, in unknown configurations, ...)
@@ -168984,7 +168984,7 @@
 	- jifty 0.91117-1 (low; bug #557748)
 	- webgui <not-affected> (uses system libjs-yui)
 	- loggerhead <not-affected> (uses system libjs-yui)
-	NOTE: see http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf
+	NOTE: see https://web.archive.org/web/20071105202514/http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf 
 	NOTE: This allows to steal data from affected websites. Therefore web applications should
 	NOTE: only be considered vunerabile if they process confidential data.
 	NOTE: The frameworks should be fixed in any case.

More information about the Secure-testing-commits mailing list