[Secure-testing-commits] r40492 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Mar 21 07:23:52 UTC 2016
Author: jmm
Date: 2016-03-21 07:23:52 +0000 (Mon, 21 Mar 2016)
New Revision: 40492
Modified:
data/CVE/list
Log:
new moodle issues
drop openssl entry, not treated as a security issue by upstream
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-03-21 05:24:30 UTC (rev 40491)
+++ data/CVE/list 2016-03-21 07:23:52 UTC (rev 40492)
@@ -1,6 +1,3 @@
-CVE-2012-XXXX [openssl: buffer overflow]
- - openssl 1.0.2g-1 (bug #675436)
- NOTE: http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=7ba08a4d73c1bdfd3aced09a628b1d7d7747cdca
CVE-2016-3615
RESERVED
CVE-2016-3614
@@ -3852,8 +3849,6 @@
NOTE: issue introduced in ~2008 with the SIP timer support implementation (https://issues.asterisk.org/jira/browse/ASTERISK-4257 https://issues.asterisk.org/jira/browse/ASTERISK-5187), so squeeze also vulnerable
NOTE: patch for jessie / 11: https://code.asterisk.org/code/changelog/asterisk?cs=882e85388295eac8eebd0b82e71a9af0a769b41f
NOTE: all versions vulnerable, backport required for wheezy
-CVE-2016-XXXX [simpleid: passwords are stored as MD5]
- - simpleid <unfixed> (bug #813611)
CVE-2015-8807 [XSS in Horde_Core_VarRenderer_Html]
RESERVED
{DSA-3496-1}
@@ -3993,10 +3988,12 @@
RESERVED
CVE-2016-2153
RESERVED
-CVE-2016-2152
+CVE-2016-2152 [MSA-16-0004: XSS from profile fields from external db]
RESERVED
-CVE-2016-2151
+ - moodle <unfixed>
+CVE-2016-2151 [MSA-16-0003: Incorrect capability check when displaying users emails in Participants list]
RESERVED
+ - moodle <unfixed>
CVE-2016-2150
RESERVED
CVE-2016-2149
More information about the Secure-testing-commits
mailing list