[Secure-testing-commits] r24687 - data/CVE

Moritz Muehlenhoff Wed, 11 Dec 2013 03:58:16 -0800

Author: jmm
Date: 2013-12-11 11:57:45 +0000 (Wed, 11 Dec 2013)
New Revision: 24687


Modified:
   data/CVE/list
Log:
new libmicrohttpd issue (no-dsa)


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2013-12-11 11:29:14 UTC (rev 24686)
+++ data/CVE/list       2013-12-11 11:57:45 UTC (rev 24687)
@@ -116,10 +116,14 @@
        - python3.3 <unfixed>
        TODO: check
 CVE-2013-7039 [stack overflow in MHD_digest_auth_check()]
-       - libmicrohttpd <unfixed>
+       - libmicrohttpd <unfixed> (low; bug #731933)
+       [squeeze] - libmicrohttpd <no-dsa> (Minor issue, only expoitable in 
corner cases)
+       [wheezy] - libmicrohttpd <no-dsa> (Minor issue, only expoitable in 
corner cases)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1039390
 CVE-2013-7038 [out-of-bounds read in MHD_http_unescape()]
-       - libmicrohttpd <unfixed>
+       - libmicrohttpd <unfixed> (low; bug #731933)
+       [squeeze] - libmicrohttpd <no-dsa> (Minor issue)
+       [wheezy] - libmicrohttpd <no-dsa> (Minor issue)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1039384
 CVE-2013-7024 (The jpeg2000_decode_tile function in libavcodec/jpeg2000dec.c 
in ...)
        - ffmpeg <not-affected> (Vulnerable code not present)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r24687 - data/CVE

Reply via email to