Git-Url: http://git.frugalware.org/gitweb/gitweb.cgi?p=homepage-ng.git;a=commitdiff;h=bfd5a504beff1c67478a0f1b23b171f29774034f
commit bfd5a504beff1c67478a0f1b23b171f29774034f Author: kikadf <[email protected]> Date: Mon Nov 24 08:54:20 2014 +0100 Add FSA for drupal6 diff --git a/frugalware/xml/security.xml b/frugalware/xml/security.xml index b62a8f9..099cb7c 100644 --- a/frugalware/xml/security.xml +++ b/frugalware/xml/security.xml @@ -39,6 +39,19 @@ <fsas> <fsa> + <id>940</id> + <date>2014-11-24</date> + <author>kikadf</author> + <package>drupal6</package> + <vulnerable>6.33-1arcturus1</vulnerable> + <unaffected>6.34-1arcturus1</unaffected> + <bts></bts> + <cve>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9015 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9016</cve> + <desc>Aaron Averill discovered that a specially crafted request can give a user access to another user's session, allowing an attacker to hijack a random session. + Michael Cullum, Javier Nieto and Andres Rojas Guerrero discovered that the password hashing API allows an attacker to send specially crafted requests resulting in CPU and memory exhaustion.</desc> + </fsa> + <fsa> <id>939</id> <date>2014-11-24</date> <author>kikadf</author> _______________________________________________ Frugalware-git mailing list [email protected] http://frugalware.org/mailman/listinfo/frugalware-git
