Author: jmm
Date: 2015-04-17 17:22:24 +0000 (Fri, 17 Apr 2015)
New Revision: 33654

Modified:
   data/CVE/list
Log:
multiple no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2015-04-17 17:13:58 UTC (rev 33653)
+++ data/CVE/list       2015-04-17 17:22:24 UTC (rev 33654)
@@ -37,10 +37,10 @@
        RESERVED
        [experimental] - gnutls28 3.3.14-1
        - gnutls28 <unfixed>
-       - gnutls26 <removed>
+       [jessie] - gnutls28 <no-dsa> (Minor issue)
+       - gnutls26 <not-affected> (Introduced in 3.3.0)
        NOTE: 
https://gitlab.com/gnutls/gnutls/commit/d6972be33264ecc49a86cd0958209cd7363af1e9
        NOTE: 
https://gitlab.com/gnutls/gnutls/commit/053ae65403216acdb0a4e78b25ad66ee9f444f02
-       TODO: check version
 CVE-2015-3305
        RESERVED
 CVE-2015-3304
@@ -1094,6 +1094,7 @@
        NOTE: http://www.openwall.com/lists/oss-security/2015/04/03/10
 CVE-2015-XXXX [caja automounts USB flash drives and CD/DVD drives while 
session is locked]
        - caja <unfixed> (bug #781608)
+       [jessie] - caja <no-dsa> (Minor issue)
        NOTE: https://github.com/mate-desktop/caja/issues/398
        NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2015/04/03/12
 CVE-2015-3013 [Bypass of file blacklist]
@@ -2293,6 +2294,7 @@
        NOTE: Upstream commit: 
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4de930efc23b92ddf88ce91c405ee645fe6e27ea
 CVE-2015-XXXX [Insufficient escaping in user manager allows XSS attack]
        - dokuwiki 0.0.20140929.d-1 (bug #780817)
+       [jessie] - dokuwiki <no-dsa> (Minor issue)
        [wheezy] - dokuwiki <no-dsa> (Minor issue)
        [squeeze] - dokuwiki <no-dsa> (Minor issue)
 CVE-2015-XXXX [Incorrect fix for CVE-2012-1836]
@@ -3352,7 +3354,10 @@
        NOT-FOR-US: Acobot Live Chat & Contact Form plugin for WordPress
 CVE-2015-XXXX [_IO_wstr_overflow integer overflow]
        - eglibc <removed>
+       [wheezy] - eglibc <no-dsa> (Minor issue)
+       [squeeze] - eglibc <no-dsa> (Minor issue)
        - glibc <unfixed> (bug #779587)
+       [jessie] - glibc <no-dsa> (Minor issue)
        NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=17269
        NOTE: Fixed by: 
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=bdf1ff052a8e23d637f2c838fa5642d78fcedc33
        NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2015/02/22/15
@@ -3739,8 +3744,10 @@
        NOT-FOR-US: ember.js
 CVE-2015-1865 ["time of check to time of use" race condition fts.c]
        RESERVED
-       - coreutils <unfixed>
-       TODO: check
+       - coreutils <unfixed> (low)
+       [jessie] - coreutils <no-dsa> (Minor issue)
+       [wheezy] - coreutils <no-dsa> (Minor issue)
+       [squeeze] - coreutils <no-dsa> (Minor issue)
 CVE-2015-1864
        RESERVED
        - kallithea <itp> (bug #689573)
@@ -4407,6 +4414,9 @@
 CVE-2015-2060 [directory traversal; related to overlong utf-8 encoding for /]
        RESERVED
        - cabextract 1.6-1 (bug #778753)
+       [jessie] - cabextract <no-dsa> (Minor issue)
+       [wheezy] - cabextract <no-dsa> (Minor issue)
+       [squeeze] - cabextract <no-dsa> (Minor issue)
        NOTE: http://www.openwall.com/lists/oss-security/2015/02/18/3
        NOTE: Upstream commit: http://sourceforge.net/p/libmspack/code/217
        NOTE: CVE assigned for issue were path traversal occurs because the 
unpatched
@@ -7380,6 +7390,7 @@
        RESERVED
        {DSA-3225-1}
        - gst-plugins-bad0.10 <unfixed>
+       [jessie] - gst-plugins-bad0.10 <no-dsa> (Minor impact compared to 
wheezy, no browser attack vector)
 CVE-2015-0796
        RESERVED
 CVE-2015-0795
@@ -9511,6 +9522,7 @@
        NOT-FOR-US: MiniBB
 CVE-2014-9253 (The default file type whitelist configuration in conf/mime.conf 
in the ...)
        - dokuwiki 0.0.20140929.d-1 (bug #773429)
+       [jessie] - dokuwiki <no-dsa> (Minor issue)
        [wheezy] - dokuwiki <no-dsa> (Minor issue)
        [squeeze] - dokuwiki <no-dsa> (Minor issue)
        NOTE: 
https://github.com/splitbrain/dokuwiki/commit/778ddf6f2cd9ed38b9db2d73e823b8c21243a960


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to