[Secure-testing-commits] r50984 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Apr 24 09:23:32 UTC 2017
Author: carnil
Date: 2017-04-24 09:23:32 +0000 (Mon, 24 Apr 2017)
New Revision: 50984
Modified:
data/CVE/list
Log:
CVE-2014-9681 got rejected
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-24 09:10:12 UTC (rev 50983)
+++ data/CVE/list 2017-04-24 09:23:32 UTC (rev 50984)
@@ -73712,11 +73712,8 @@
[squeeze] - libhtp <no-dsa> (Minor issue)
[wheezy] - libhtp <no-dsa> (Minor issue)
NOTE: https://github.com/inliniac/libhtp/commit/c7c03843cd6b1cbf44eb435d160ba53aec948828
-CVE-2014-9681 [preserves TZ by default]
+CVE-2014-9681
REJECTED
- - procmail <unfixed> (unimportant; bug #778341; bug #772706)
- NOTE: No security boundaries are crossed here
- NOTE: http://www.openwall.com/lists/oss-security/2014/10/15/24
CVE-2014-9680 (sudo before 1.8.12 does not ensure that the TZ environment variable is ...)
{DSA-3167-1 DLA-160-1}
- sudo 1.8.12-1 (bug #772707)
More information about the Secure-testing-commits
mailing list