Author: carnil Date: 2015-05-06 03:32:06 +0000 (Wed, 06 May 2015) New Revision: 34089
Modified: data/CVE/list Log: Mark two docker.io CVEs as fixed in unstable NOTE: Actually the two CVE assignments are not that clear, see as well follow-ups on oss-security. But Red Hat's docker.io maintainer confirmed for both to be fixed in 1.5. https://marc.info/?l=oss-security&m=142724143406574&w=2 gives a bit more of information but not enough to state what the issues are exactly. Modified: data/CVE/list =================================================================== --- data/CVE/list 2015-05-06 00:26:36 UTC (rev 34088) +++ data/CVE/list 2015-05-06 03:32:06 UTC (rev 34089) @@ -36220,11 +36220,11 @@ NOTE: fix: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a08d3b3b99efd509133946056531cdf8f3a0c09b CVE-2014-0048 [multiple files downloaded over HTTP and executed or used unsafely] RESERVED - - docker.io <unfixed> + - docker.io 1.6.0+dfsg1-1 NOTE: According to Red Hat bug no longer present in 1.5 CVE-2014-0047 [multiple temporary file creation vulnerabilities] RESERVED - - docker.io <unfixed> + - docker.io 1.6.0+dfsg1-1 NOTE: According to Red Hat bug no longer present in 1.5 CVE-2014-0046 (Cross-site scripting (XSS) vulnerability in the link-to helper in ...) NOT-FOR-US: ember.js _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
