[Secure-testing-commits] r38671 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Jan 3 16:05:20 UTC 2016
Author: carnil
Date: 2016-01-03 16:05:20 +0000 (Sun, 03 Jan 2016)
New Revision: 38671
Modified:
data/CVE/list
Log:
Follow decision for yubiserver for jessie and mark it no-dsa for wheezy
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-03 14:57:04 UTC (rev 38670)
+++ data/CVE/list 2016-01-03 16:05:20 UTC (rev 38671)
@@ -26144,10 +26144,12 @@
RESERVED
- yubiserver 0.6-1 (bug #796495)
[jessie] - yubiserver <no-dsa> (Mitigated by toolchain hardening)
+ [wheezy] - yubiserver <no-dsa> (Can be fixed via a point release)
CVE-2015-0842 [SQL injection issues (potential auth bypass)]
RESERVED
- yubiserver 0.6-1 (bug #796495)
[jessie] - yubiserver <no-dsa> (Minor issue)
+ [wheezy] - yubiserver <no-dsa> (Minor issue)
CVE-2015-0841 [off-by-one buffer overflow in Listener::checkActivity in libcapsinetwork/monopd]
RESERVED
- libcapsinetwork <removed> (bug #781044; unimportant)
More information about the Secure-testing-commits
mailing list