[Secure-testing-commits] r43104 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Jul 10 18:11:36 UTC 2016
Author: carnil
Date: 2016-07-10 18:11:36 +0000 (Sun, 10 Jul 2016)
New Revision: 43104
Modified:
data/CVE/list
Log:
Add CVE-2014-9905, unverified, possibly already fixed, doublecheck with upstream commits, left TODO
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-07-10 18:09:38 UTC (rev 43103)
+++ data/CVE/list 2016-07-10 18:11:36 UTC (rev 43104)
@@ -987,6 +987,14 @@
RESERVED
CVE-2015-8937
RESERVED
+CVE-2014-9905 [Script injection in calendar title]
+ - sogo <unfixed>
+ NOTE: https://github.com/inverse-inc/sogo/commit/1a7fc2a0e90a19dfb1fce292ae5ff53aa513ade9
+ NOTE: https://github.com/inverse-inc/sogo/commit/80a09407652ec04e8c9fb6cb48e1029e69a15765
+ NOTE: https://github.com/inverse-inc/sogo/commit/3a5e44e7eb8b390b67a8f8a83030b49606956501
+ NOTE: https://github.com/inverse-inc/sogo/commit/c94595ea7f0f843c2d7abf25df039b2bbe707625
+ NOTE: https://sogo.nu/bugs/view.php?id=2598
+ TODO: check versions
CVE-2014-9904 (The snd_compress_check_input function in sound/core/compress_offload.c ...)
{DSA-3616-1}
- linux 4.0.2-1
More information about the Secure-testing-commits
mailing list