Author: carnil
Date: 2015-03-30 20:48:40 +0000 (Mon, 30 Mar 2015)
New Revision: 33263
Modified:
data/CVE/list
Log:
Add CVE-2014-8119/netcf
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-03-30 20:34:08 UTC (rev 33262)
+++ data/CVE/list 2015-03-30 20:48:40 UTC (rev 33263)
@@ -11934,8 +11934,13 @@
- eglibc <removed> (low)
CVE-2014-8120 (The agent in Thermostat before 1.0.6, when using unspecified
...)
NOT-FOR-US: Thermostat Hotspot instrumentation
-CVE-2014-8119
+CVE-2014-8119 [augeas path expression injection via interface name]
RESERVED
+ - netcf <unfixed>
+ NOTE: Issue is in the way the netcf's find_ifcfg_path() function
processed
+ NOTE: certain XPath expressions according to Red Hat bugzilla. But
augeas has
+ NOTE: as well recieved a fix to completely fix the issue.
+ TODO: check
CVE-2014-8118 (Integer overflow in RPM 4.12 and earlier allows remote
attackers to ...)
{DSA-3129-1 DLA-140-1}
- rpm 4.11.3-1.1 (bug #773101)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
