[Secure-testing-commits] r31848 - data/CVE

security tracker role Fri, 30 Jan 2015 01:11:12 -0800

Author: sectracker
Date: 2015-01-30 09:10:20 +0000 (Fri, 30 Jan 2015)
New Revision: 31848


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2015-01-30 08:53:39 UTC (rev 31847)
+++ data/CVE/list       2015-01-30 09:10:20 UTC (rev 31848)
@@ -280,12 +280,12 @@
        [squeeze] - unshield <no-dsa> (Minor issue)
 CVE-2015-1382 [invalid read]
        RESERVED
-       {DLA-142-1}
+       {DSA-3145-1 DLA-142-1}
        - privoxy 3.0.21-7 (bug #776490)
        NOTE: 
http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/parsers.c?r1=1.297&r2=1.298
 CVE-2015-1381 [multiple segmentation faults and memory leaks in the pcrs code]
        RESERVED
-       {DLA-142-1}
+       {DSA-3145-1 DLA-142-1}
        - privoxy 3.0.21-7 (bug #776490)
        NOTE: 
http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/pcrs.c?r1=1.46&r2=1.47
 CVE-2015-1380 [DoS]
@@ -3329,6 +3329,7 @@
        - openjdk-8 <not-affected> (Specific to Oracle Java, not present in 
IcedTea)
        NOTE: Due to the vague disclosure policy by Oracle the exact nature is 
unknown
 CVE-2015-0412 (Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 
8u25 ...)
+       {DSA-3144-1}
        - openjdk-6 6b34-1.13.6-1
        - openjdk-7 7u75-2.5.4-1
        - openjdk-8 8u40~b22-1
@@ -3339,6 +3340,7 @@
        - percona-xtradb-cluster-5.5 <undetermined>
        NOTE: 
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
 CVE-2015-0410 (Unspecified vulnerability in the Java SE, Java SE Embedded, 
JRockit ...)
+       {DSA-3144-1}
        - openjdk-6 6b34-1.13.6-1
        - openjdk-7 7u75-2.5.4-1
        - openjdk-8 8u40~b22-1
@@ -3349,10 +3351,12 @@
        NOTE: 
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
        NOTE: For mariadb-10.0 not clear if affected
 CVE-2015-0408 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, 
and ...)
+       {DSA-3144-1}
        - openjdk-6 6b34-1.13.6-1
        - openjdk-7 7u75-2.5.4-1
        - openjdk-8 8u40~b22-1
 CVE-2015-0407 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, 
and ...)
+       {DSA-3144-1}
        - openjdk-6 6b34-1.13.6-1
        - openjdk-7 7u75-2.5.4-1
        - openjdk-8 8u40~b22-1
@@ -3385,6 +3389,7 @@
 CVE-2015-0396 (Unspecified vulnerability in the Oracle GlassFish Server 
component in ...)
        NOT-FOR-US: Oracle
 CVE-2015-0395 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, 
and ...)
+       {DSA-3144-1}
        - openjdk-6 6b34-1.13.6-1
        - openjdk-7 7u75-2.5.4-1
        - openjdk-8 8u40~b22-1
@@ -3419,6 +3424,7 @@
 CVE-2015-0384 (Unspecified vulnerability in the Siebel Public Sector component 
in ...)
        NOT-FOR-US: Oracle
 CVE-2015-0383 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, 
and ...)
+       {DSA-3144-1}
        - openjdk-6 6b34-1.13.6-1
        - openjdk-7 7u75-2.5.4-1
        - openjdk-8 8u40~b22-1
@@ -11301,6 +11307,7 @@
 CVE-2014-6607 (M/Monit 3.3.2 and earlier does not verify the original password 
before ...)
        NOT-FOR-US: M/Monit
 CVE-2014-6601 (Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 
8u25 ...)
+       {DSA-3144-1}
        - openjdk-6 6b34-1.13.6-1
        - openjdk-7 7u75-2.5.4-1
        - openjdk-8 8u40~b22-1
@@ -11321,12 +11328,14 @@
 CVE-2014-6594 (Unspecified vulnerability in the Oracle iLearning component in 
Oracle ...)
        NOT-FOR-US: Oracle iLearning
 CVE-2014-6593 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, 
and ...)
+       {DSA-3144-1}
        - openjdk-6 6b34-1.13.6-1
        - openjdk-7 7u75-2.5.4-1
        - openjdk-8 8u40~b22-1
 CVE-2014-6592 (Unspecified vulnerability in the Oracle OpenSSO component in 
Oracle ...)
        NOT-FOR-US: Oracle
 CVE-2014-6591 (Unspecified vulnerability in the Java SE component in Oracle 
Java SE ...)
+       {DSA-3144-1}
        - openjdk-6 6b34-1.13.6-1
        - openjdk-7 7u75-2.5.4-1
        - openjdk-8 8u40~b22-1
@@ -11344,12 +11353,14 @@
        [wheezy] - virtualbox <not-affected> (Introduced in 4.3)
        - virtualbox-ose <not-affected> (Introduced in 4.3)
 CVE-2014-6587 (Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 
8u25 ...)
+       {DSA-3144-1}
        - openjdk-6 6b34-1.13.6-1
        - openjdk-7 7u75-2.5.4-1
        - openjdk-8 8u40~b22-1
 CVE-2014-6586 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS 
component ...)
        NOT-FOR-US: Oracle
 CVE-2014-6585 (Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, 
and ...)
+       {DSA-3144-1}
        - openjdk-6 6b34-1.13.6-1
        - openjdk-7 7u75-2.5.4-1
        - openjdk-8 8u40~b22-1
@@ -18797,7 +18808,7 @@
        {DSA-3053-1 DLA-81-1}
        - openssl 1.0.1j-1
 CVE-2014-3566 (The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and 
other ...)
-       {DSA-3092-1}
+       {DSA-3144-1 DSA-3092-1}
        - arora <unfixed> (unimportant)
        - bouncycastle <not-affected> (SSLv3 needs to be explicitly enabled)
        NOTE: http://www.kb.cert.org/vuls/id/BLUU-9PYTFQ


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r31848 - data/CVE

Reply via email to