[Secure-testing-commits] r50621 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Apr 13 10:20:01 UTC 2017
Author: jmm
Date: 2017-04-13 10:20:01 +0000 (Thu, 13 Apr 2017)
New Revision: 50621
Modified:
data/CVE/list
Log:
update status for k8s now that it's in unstable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-13 10:01:52 UTC (rev 50620)
+++ data/CVE/list 2017-04-13 10:20:01 UTC (rev 50621)
@@ -28436,9 +28436,8 @@
NOTE: Might need as well: https://bugzilla.sudo.ws/show_bug.cgi?id=761
CVE-2016-7075
RESERVED
- - kubernetes <itp> (bug #795652)
+ - kubernetes 1.5.5+dfsg-1 (bug #795652)
NOTE: https://github.com/kubernetes/kubernetes/issues/34517
- NOTE: kubernetes entered experimental only so far
CVE-2016-7074
RESERVED
{DSA-3764-1 DLA-798-1}
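Review bot: In the CVE-2016-7075 entry the new fixed-version line still carries "(bug #795652)", which on the removed line was attached to the <itp> marker, so the packaging bug now reads as the bug tracking this CVE. The later hunks in this commit drop that reference when they replace <itp>; suggest doing the same here and leaving only "- kubernetes 1.5.5+dfsg-1". The entry is also still RESERVED with only an upstream issue link, so a NOTE naming the upstream release or commit that fixed it would let the 1.5.5+dfsg-1 claim be checked.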
@@ -34024,8 +34023,7 @@
CVE-2016-5393 (In Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3, a remote ...)
- hadoop <itp> (bug #793644)
CVE-2016-5392 (The API server in Kubernetes, as used in Red Hat OpenShift Enterprise ...)
- - kubernetes <itp> (bug #795652)
- NOTE: kubernetes entered experimental only so far
+ NOT-FOR-US: OpenShift
CVE-2016-5391
RESERVED
- libreswan <not-affected> (Fixed before the initial upload to Debian)
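Review bot: CVE-2016-5392 is switched to "NOT-FOR-US: OpenShift" although its description begins "The API server in Kubernetes, as used in Red Hat OpenShift Enterprise", and this removes all tracking against the kubernetes source package. CVE-2015-5305 in the same commit has the same "as used in Red Hat" wording and gets "- kubernetes <undetermined>" instead; suggest either treating both the same way or adding a NOTE giving the reason the affected code is OpenShift-only.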
@@ -45906,15 +45904,13 @@
NOTE: http://symfony.com/blog/cve-2016-1902-securerandom-s-fallback-not-secure-when-openssl-fails
NOTE: https://github.com/symfony/symfony/pull/17359
CVE-2016-1906 (The API server in Kubernetes might allow remote attackers to gain ...)
- - kubernetes <itp> (bug #795652)
+ - kubernetes <unfixed>
NOTE: https://github.com/openshift/origin/issues/6556
NOTE: https://github.com/openshift/origin/pull/6576
- NOTE: kubernetes entered experimental only so far
CVE-2016-1905 (The API server in Kubernetes does not properly check admission ...)
- - kubernetes <itp> (bug #795652)
+ - kubernetes <unfixed>
NOTE: https://github.com/kubernetes/kubernetes/issues/19479
NOTE: https://github.com/kubernetes/kubernetes/pull/19481
- NOTE: kubernetes entered experimental only so far
CVE-2016-1904 (Multiple integer overflows in ext/standard/exec.c in PHP 7.x before ...)
- php5 <not-affected> (Vulnerable code not present)
- php5.6 <not-affected> (Vulnerable code not present)
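Review bot: CVE-2016-1906 and CVE-2016-1905 go to <unfixed> with no Debian bug number, while both entries already point at upstream pull requests (origin/pull/6576 and kubernetes/pull/19481) and the CVE-2016-7075 entry in this commit uses 1.5.5+dfsg-1 as the packaged version. Please check whether those pull requests are contained in 1.5.5 and record the fixed version if so; if the issues really are open in unstable, add a bug reference so they are tracked against the package.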
@@ -55129,9 +55125,8 @@
- sosreport 3.2+git276-g7da50d6-3 (unimportant)
NOTE: Neutralised by kernel hardening
CVE-2015-7528 (Kubernetes before 1.2.0-alpha.5 allows remote attackers to read ...)
- - kubernetes <itp> (bug #795652)
+ - kubernetes <not-affected> (Fixed before initial release to archive)
NOTE: https://github.com/kubernetes/kubernetes/pull/17886
- NOTE: kubernetes entered experimental only so far
CVE-2015-7527 (lib/core.php in the Cool Video Gallery plugin 1.9 for WordPress allows ...)
NOT-FOR-US: WordPress plugin cool-video-gallery
CVE-2015-7526
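Review bot: Wording nit on the CVE-2015-7528 line: the annotation "(Fixed before initial release to archive)" differs from the phrasing used for the same situation in this diff's context lines, "(Fixed before the initial upload to Debian)" on the libreswan entry under CVE-2016-5391. Using the same phrase keeps these annotations easy to search for.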
@@ -61106,8 +61101,8 @@
- ironic-inspector 3.2.0-1
NOTE: https://bugs.launchpad.net/ironic-inspector/+bug/1506419
CVE-2015-5305 (Directory traversal vulnerability in Kubernetes, as used in Red Hat ...)
- - kubernetes <itp> (bug #795652)
- NOTE: kubernetes entered experimental only so far
+ - kubernetes <undetermined>
+ NOTE: Might be an issue in OpenShift
CVE-2015-5304 (Red Hat JBoss Enterprise Application Platform (EAP) before 6.4.5 does ...)
NOT-FOR-US: Red Hat JBoss Enterprise Application Platform
CVE-2015-5303 (The TripleO Heat templates (tripleo-heat-templates), when deployed via ...)
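Review bot: The CVE-2015-5305 entry becomes <undetermined> but is left with no upstream reference, only "NOTE: Might be an issue in OpenShift", so whoever picks it up has nothing to check against. Suggest adding a NOTE with the upstream issue or commit that needs to be compared with the Debian source, or at least stating what remains to be verified.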