[Secure-testing-commits] r47226 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Dec 19 17:51:56 UTC 2016
Author: jmm
Date: 2016-12-19 17:51:56 +0000 (Mon, 19 Dec 2016)
New Revision: 47226
Modified:
data/CVE/list
Log:
mingw unimportant
remove d-i entry, installation needs to occur in a trusted environment
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-12-19 17:19:37 UTC (rev 47225)
+++ data/CVE/list 2016-12-19 17:51:56 UTC (rev 47226)
@@ -24053,11 +24053,12 @@
- gcc-6 <not-affected> (Uses glibc-internal SSP)
- gcc-5 <not-affected> (Uses glibc-internal SSP)
- gcc-4.9 <not-affected> (Uses glibc-internal SSP)
- - gcc-mingw-w64 <unfixed>
+ - gcc-mingw-w64 <unfixed> (unimportant)
[jessie] - gcc-mingw-w64 <no-dsa> (Minor issue)
[wheezy] - gcc-mingw-w64 <no-dsa> (Minor issue)
- mingw32 <removed>
[wheezy] - mingw32 <no-dsa> (Minor issue)
+ NOTE: Missing security feature, not a direct vulnerability
CVE-2016-4972 (OpenStack Murano before 1.0.3 (liberty) and 2.x before 2.0.1 (mitaka), ...)
- murano 1:2.0.1-1 (bug #828062)
NOTE: Affects: Murano: <=2015.1.1; <=1.0.2; ==2.0.0
@@ -48641,11 +48642,6 @@
NOT-FOR-US: Free Reprintables
CVE-2015-5528 (Cross-site scripting (XSS) vulnerability in the save_order function in ...)
NOT-FOR-US: save_order function in class-floating-social-bar.php in the Floating Social Bar plugin for WordPress
-CVE-2015-XXXX [d-i uses preseed data from DHCP when installing from DVD]
- - debian-installer <unfixed> (low; bug #788634)
- [jessie] - debian-installer <no-dsa> (Can only be fixed through point updates when new images are created)
- [wheezy] - debian-installer <no-dsa> (Can only be fixed through point updates when new images are created)
- [squeeze] - debian-installer <no-dsa> (Installer will not be updated)
CVE-2015-5527
RESERVED
CVE-2015-5526
More information about the Secure-testing-commits
mailing list