[Secure-testing-commits] r38992 - data/CVE

[security tracker role]

Author: sectracker
Date: 2016-01-17 21:10:13 +0000 (Sun, 17 Jan 2016)
New Revision: 38992

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-01-17 19:12:42 UTC (rev 38991)
+++ data/CVE/list	2016-01-17 21:10:13 UTC (rev 38992)
@@ -457,6 +457,7 @@
 	NOTE: https://github.com/gosa-project/gosa-core/commit/a67a047cba2cdae8bccb0f0e2bc6d3eb45cfcbc8
 CVE-2015-8770 [remote code execution / path traversal]
 	RESERVED
+	{DLA-392-1}
 	- roundcube 1.1.4+dfsg.1-1
 	NOTE: https://roundcube.net/news/2015/12/26/updates-1.1.4-and-1.0.8-released/
 	NOTE: https://github.com/roundcube/roundcubemail/commit/10e5192a2b1bc90ec137f5e69d0aa072c1210d6d
@@ -35405,7 +35406,7 @@
 CVE-2014-7811 (Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and ...)
 	NOT-FOR-US: Red Hat Satellite / Spacewalk
 CVE-2014-7810 (The Expression Language (EL) implementation in Apache Tomcat 6.x ...)
-	{DSA-3428-1 DLA-232-1}
+	{DSA-3447-1 DSA-3428-1 DLA-232-1}
 	- tomcat6 6.0.41-3 (bug #787010)
 	NOTE: Marked as fixed in 6.0.41-3 which only builds the libservlet2.5-java and libservlet2.5-java-doc packages
 	- tomcat7 7.0.61-1