[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add reason for not-affected for two CVEs

Salvatore Bonaccorso carnil at debian.org
Mon Feb 5 05:19:25 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9140f2b4 by Salvatore Bonaccorso at 2018-02-05T06:18:51+01:00
Add reason for not-affected for two CVEs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -111787,7 +111787,7 @@ CVE-2015-XXXX [XSS in group administration]
 	[jessie] - php-horde 5.2.1+debian0-2+deb8u1
 	NOTE: https://github.com/horde/horde/commit/dae5277746abe613de0cacc004e95e9ed9d78220
 CVE-2015-4053 (The admin command in ceph-deploy before 1.5.25 uses world-readable ...)
-	- ceph-deploy <not-affected>
+	- ceph-deploy <not-affected> (Fixed with initial upload to Debian)
 	NOTE: http://tracker.ceph.com/issues/11694
 CVE-2015-4049 (Unisys Libra 43xx, 63xx, and 83xx, and FS600 class systems with ...)
 	NOT-FOR-US: Unisys Libra
@@ -114929,7 +114929,7 @@ CVE-2015-4085 (Directory traversal vulnerability in node/hooks/express/tests.js 
 CVE-2015-3297 (Directory traversal vulnerability in node/utils/Minify.js in Etherpad ...)
 	- etherpad-lite <itp> (bug #576998)
 CVE-2015-3010 (ceph-deploy before 1.5.23 uses weak permissions (644) for ...)
-	- ceph-deploy <not-affected>
+	- ceph-deploy <not-affected> (Fixed with initial upload to Debian)
 	NOTE: http://www.openwall.com/lists/oss-security/2015/04/09/9
 CVE-2015-3405 (ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 ...)
 	{DSA-3223-1 DLA-192-1}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9140f2b4174f68735d4d4d5f2ebb67148cb42a8d

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9140f2b4174f68735d4d4d5f2ebb67148cb42a8d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180205/68d5f568/attachment-0001.html>

More information about the Secure-testing-commits mailing list