Author: jmm
Date: 2014-10-18 18:29:28 +0000 (Sat, 18 Oct 2014)
New Revision: 29512
Modified:
data/CVE/list
Log:
cgit fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-10-18 17:30:14 UTC (rev 29511)
+++ data/CVE/list 2014-10-18 18:29:28 UTC (rev 29512)
@@ -34060,8 +34060,7 @@
{DSA-2694-1}
- spip 2.1.22-1 (bug #709674)
CVE-2013-2117 (Directory traversal vulnerability in the cgit_parse_readme
function in ...)
- - cgit <unfixed>
- TODO: check
+ - cgit <not-affected> (Fixed before the initial upload into the archive)
CVE-2013-2116 (The _gnutls_ciphertext2compressed function in
lib/gnutls_cipher.c in ...)
{DSA-2697-1}
- gnutls26 2.12.23-5 (bug #709301)
@@ -45480,8 +45479,7 @@
CVE-2012-4549 (The processInvocation function in ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full
application server)
CVE-2012-4548 (Argument injection vulnerability in syntax-highlighting.sh in
cgit ...)
- - cgit <unfixed>
- TODO: check
+ - cgit <not-affected> (Fixed before the initial upload into the archive)
CVE-2012-4547 (Unspecified vulnerability in awredir.pl in AWStats before 7.1
has ...)
- awstats <not-affected>
NOTE: awredir.pl is not installed into the binary package
@@ -45706,8 +45704,7 @@
- ruby1.9.1 1.9.3.194-2 (low; bug #689075)
[squeeze] - ruby1.9.1 <no-dsa> (Minor issue)
CVE-2012-4465 (Heap-based buffer overflow in the substr function in parsing.c
in cgit ...)
- - cgit <unfixed>
- TODO: check
+ - cgit <not-affected> (Fixed before the initial upload into the archive)
CVE-2012-4464 (Ruby 1.9.3 before patchlevel 286 and 2.0 before revision r37068
allows ...)
- ruby1.9.1 1.9.3.194-2 (low; bug #689075)
[squeeze] - ruby1.9.1 <not-affected> (Introduced in 1.9.3)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
