[Secure-testing-commits] r43104 - data/CVE

Salvatore Bonaccorso Sun, 10 Jul 2016 11:12:06 -0700

Author: carnil
Date: 2016-07-10 18:11:36 +0000 (Sun, 10 Jul 2016)
New Revision: 43104


Modified:
   data/CVE/list
Log:
Add CVE-2014-9905, unverified, possibly already fixed, doublecheck with 
upstream commits, left TODO

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-07-10 18:09:38 UTC (rev 43103)
+++ data/CVE/list       2016-07-10 18:11:36 UTC (rev 43104)
@@ -987,6 +987,14 @@
        RESERVED
 CVE-2015-8937
        RESERVED
+CVE-2014-9905 [Script injection in calendar title]
+       - sogo <unfixed>
+       NOTE: 
https://github.com/inverse-inc/sogo/commit/1a7fc2a0e90a19dfb1fce292ae5ff53aa513ade9
+       NOTE: 
https://github.com/inverse-inc/sogo/commit/80a09407652ec04e8c9fb6cb48e1029e69a15765
+       NOTE: 
https://github.com/inverse-inc/sogo/commit/3a5e44e7eb8b390b67a8f8a83030b49606956501
+       NOTE: 
https://github.com/inverse-inc/sogo/commit/c94595ea7f0f843c2d7abf25df039b2bbe707625
+       NOTE: https://sogo.nu/bugs/view.php?id=2598
+       TODO: check versions
 CVE-2014-9904 (The snd_compress_check_input function in 
sound/core/compress_offload.c ...)
        {DSA-3616-1}
        - linux 4.0.2-1


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r43104 - data/CVE

Reply via email to