[Secure-testing-commits] r44751 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Sep 20 15:40:50 UTC 2016
Author: carnil
Date: 2016-09-20 15:40:50 +0000 (Tue, 20 Sep 2016)
New Revision: 44751
Modified:
data/CVE/list
Log:
Update information for CVE-2013-6499
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-20 06:24:21 UTC (rev 44750)
+++ data/CVE/list 2016-09-20 15:40:50 UTC (rev 44751)
@@ -79245,10 +79245,12 @@
REJECTED
CVE-2013-6499 [loading a module relative to the cwd]
RESERVED
- - libmp3-info-perl <unfixed> (bug #777230)
+ - libmp3-info-perl <unfixed> (bug #777230; unimportant)
[jessie] - libmp3-info-perl <no-dsa> (Minor issue)
[wheezy] - libmp3-info-perl <no-dsa> (Minor issue)
[squeeze] - libmp3-info-perl <no-dsa> (Minor issue)
+ NOTE: Marked as unimportant at least for unstable, since the issue is mitigated
+ NOTE: by src:perl not having '.' in INC since 5.22.2-4 by default.
CVE-2013-6498
RESERVED
CVE-2013-6497 (clamscan in ClamAV before 0.98.5, when using -a option, allows remote ...)
More information about the Secure-testing-commits
mailing list