Author: jmm
Date: 2015-01-05 07:18:31 +0000 (Mon, 05 Jan 2015)
New Revision: 31133
Modified:
data/CVE/list
Log:
new quvi issue
openssl no-dsa
php5 n/a
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-01-05 06:18:08 UTC (rev 31132)
+++ data/CVE/list 2015-01-05 07:18:31 UTC (rev 31133)
@@ -1,3 +1,9 @@
+CVE-2014-XXXX [insecure LUA default load path]
+ - libquvi 0.4.1-3 (low; bug #774555)
+ [wheezy] - libquvi <no-dsa> (Minor issue)
+ [squeeze] - libquvi <no-dsa> (Minor issue)
+CVE-2014-9489
+ NOT-FOR-US: Gollum wiki
CVE-2014-9487
NOT-FOR-US: Mediawiki extension not packaged in src:mediawiki-extensions
CVE-2014-9481
@@ -662,6 +668,8 @@
[wheezy] - file <not-affected> (Introduced in 5.16)
[squeeze] - file <not-affected> (Introduced in 5.16)
- php5 <unfixed>
+ [wheezy] - php5 <not-affected> (Vulnerable code not present)
+ [squeeze] - php5 <not-affected> (Vulnerable code not present)
NOTE: Report: http://mx.gw.com/pipermail/file/2014/001654.html
NOTE: Fix:
https://github.com/file/file/commit/65437cee25199dbd385fb35901bc0011e164276c
NOTE: Introduced by:
https://github.com/file/file/commit/c8451af8ab0c2e2a93ce93b9c68257d31576cc85
(5.16)
@@ -15496,6 +15504,7 @@
- cyassl <unfixed> (bug #769905)
- dwb <unfixed> (unimportant)
- openssl 1.0.1j-1
+ [wheezy] - openssl <no-dsa> (Will be addressed through a point update,
#774299)
- galeon <unfixed> (unimportant)
- gnutls26 <unfixed>
[wheezy] - gnutls26 <no-dsa> (Minor issue)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
