[Secure-testing-commits] r41117 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Sun Apr 24 13:54:17 UTC 2016
Author: jmm
Date: 2016-04-24 13:54:17 +0000 (Sun, 24 Apr 2016)
New Revision: 41117
Modified:
data/CVE/list
Log:
node-marked CVEfied
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-04-24 13:53:26 UTC (rev 41116)
+++ data/CVE/list 2016-04-24 13:54:17 UTC (rev 41117)
@@ -90,8 +90,12 @@
RESERVED
CVE-2015-8855
RESERVED
-CVE-2015-8854
+CVE-2015-8854 [marked: regular expression denial of service]
RESERVED
+ - node-marked <unfixed> (unimportant)
+ NOTE: https://nodesecurity.io/advisories/marked_redos
+ NOTE: https://github.com/chjj/marked/issues/497
+ NOTE: libv8 is not covered by security support
CVE-2014-9772
RESERVED
CVE-2013-7454
@@ -33394,11 +33398,6 @@
[jessie] - rar <no-dsa> (Non-free not supported)
[wheezy] - rar <no-dsa> (Non-free not supported)
[squeeze] - rar <no-dsa> (Not fixed upstream and license does not allow modification)
-CVE-2015-XXXX [regular expression denial of service]
- - node-marked <unfixed> (unimportant)
- NOTE: https://nodesecurity.io/advisories/marked_redos
- NOTE: https://github.com/chjj/marked/issues/497
- NOTE: libv8 is not covered by security support
CVE-2015-1589 (Directory traversal vulnerability in arCHMage 0.2.4 allows remote ...)
- archmage 1:0.2.4-4 (bug #776164)
[squeeze] - archmage <no-dsa> (Minor issue)
More information about the Secure-testing-commits
mailing list