[Secure-testing-commits] r38639 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Jan 2 05:19:56 UTC 2016
Author: carnil
Date: 2016-01-02 05:19:56 +0000 (Sat, 02 Jan 2016)
New Revision: 38639
Modified:
data/CVE/list
Log:
Revert two 'end-of-life' tagged entries for redmine in wheezy
The fix is in wheezy as fixed in version 1.3.2+dfsg1-1 but wheezy
already has 1.4.4+dfsg1-2+deb7u1.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-01 21:10:12 UTC (rev 38638)
+++ data/CVE/list 2016-01-02 05:19:56 UTC (rev 38639)
@@ -85135,7 +85135,6 @@
CVE-2012-2054 (Redmine before 1.3.2 does not properly restrict the use of a hash to ...)
- redmine 1.3.2+dfsg1-1
[squeeze] - redmine <end-of-life> (Redmine not supported because of rails)
- [wheezy] - redmine <end-of-life> (Redmine not supported because of rails)
NOTE: http://www.redmine.org/issues/10390
NOTE: git mirror patch would be 5141f1e..177ff05
CVE-2012-2053 (The sudoers file in the Linux system configuration in F5 FirePass ...)
@@ -89454,7 +89453,6 @@
CVE-2012-0327 (Cross-site scripting (XSS) vulnerability in Redmine before 1.3.2 ...)
- redmine 1.3.2+dfsg1-1
[squeeze] - redmine <end-of-life> (Redmine not supported because of rails)
- [wheezy] - redmine <end-of-life> (Redmine not supported because of rails)
NOTE: http://jvn.jp/en/jp/JVN93406632/
NOTE: patch unclear: difficult to find the patch in 1.3.2 release
CVE-2012-0326 (The twicca application 0.7.0 through 0.9.30 for Android does not ...)
More information about the Secure-testing-commits
mailing list