[Secure-testing-commits] r28839 - data/CVE

Joey Hess Tue, 16 Sep 2014 14:15:10 -0700

Author: joeyh
Date: 2014-09-16 21:14:11 +0000 (Tue, 16 Sep 2014)
New Revision: 28839


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2014-09-16 21:05:00 UTC (rev 28838)
+++ data/CVE/list       2014-09-16 21:14:11 UTC (rev 28839)
@@ -2462,7 +2462,7 @@
        NOTE: Fix MariaDB: 
https://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/4261?sort=date#storage/myisam/ha_myisam.cc
 CVE-2014-5270 [side-channel attack on Elgamal encryption subkeys]
        RESERVED
-       {DSA-3024-1}
+       {DSA-3024-1 DLA-54-1}
        - gnupg 1.4.16-1
        NOTE: 
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=cad8216f9a0b33c9dc84ecc4f385b00045e7b496
        - libgcrypt11 1.5.4-1
@@ -6318,22 +6318,27 @@
        RESERVED
 CVE-2014-3639
        RESERVED
+       {DSA-3026-1}
        - dbus 1.8.8-1
        NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=80919
 CVE-2014-3638
        RESERVED
+       {DSA-3026-1}
        - dbus 1.8.8-1
        NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=81053
 CVE-2014-3637
        RESERVED
+       {DSA-3026-1}
        - dbus 1.8.8-1
        NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=80559
 CVE-2014-3636
        RESERVED
+       {DSA-3026-1}
        - dbus 1.8.8-1
        NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=82820
 CVE-2014-3635
        RESERVED
+       {DSA-3026-1}
        - dbus 1.8.8-1
        NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=83622
 CVE-2014-3634
@@ -10689,7 +10694,7 @@
        - owncloud 6.0.2+dfsg-1
        - dolibarr 3.5.3+dfsg1-1
        - moodle <unfixed>
-        [squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
+       [squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
        NOTE: dolibarr removed phpexcel in 3.5.3+dfsg1-1 / #729538
        NOTE: moodle also contain a copy of PHPExcel
        NOTE: owncloud does not mention details
@@ -14610,17 +14615,21 @@
        NOT-FOR-US: Flash plugin
 CVE-2014-0490 [incorrect apt-get download validation]
        RESERVED
+       {DSA-3025-1}
        - apt 0.9.12
        NOTE: fixed with commit 
http://anonscm.debian.org/cgit/apt/apt.git/commit/?id=d57f6084aaa3972073114973d149ea2291b36682
        [squeeze] - apt <not-affected> (apt download command and vulnerable 
code not present)
 CVE-2014-0489 [incorrect verification of Acquire::Gzip indexes]
        RESERVED
+       {DSA-3025-1 DLA-53-1}
        - apt 1.0.9
 CVE-2014-0488 [incorrect invalidating of unauthenticated data]
        RESERVED
+       {DSA-3025-1 DLA-53-1}
        - apt 1.0.9
 CVE-2014-0487 [incorrect verification of 304 reply]
        RESERVED
+       {DSA-3025-1 DLA-53-1}
        - apt 1.0.9
 CVE-2014-0486 [remote crash with crafted DNS message]
        RESERVED


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r28839 - data/CVE

Reply via email to