Author: fgeek-guest
Date: 2015-01-27 19:23:02 + (Tue, 27 Jan 2015)
New Revision: 31760
Modified:
data/CVE/list
Log:
qpidd CVE-2015-0223, CVE-2015-0224
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27 18:58:27
Author: carnil
Date: 2015-01-27 19:41:17 + (Tue, 27 Jan 2015)
New Revision: 31763
Modified:
data/CVE/list
Log:
Three CVEs assigned for privoxy
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27 19:38:40 UTC (rev
Author: fgeek-guest
Date: 2015-01-27 18:58:27 + (Tue, 27 Jan 2015)
New Revision: 31759
Modified:
data/CVE/list
Log:
NFU. Thanks pabs
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27 18:25:18 UTC (rev 31758)
+++
Author: carnil
Date: 2015-01-27 19:38:40 + (Tue, 27 Jan 2015)
New Revision: 31762
Modified:
data/CVE/list
Log:
Add CVE-2015-1378/grml-debootstrap, left TODO
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27
Author: carnil
Date: 2015-01-27 19:36:35 + (Tue, 27 Jan 2015)
New Revision: 31761
Modified:
data/CVE/list
Log:
Add CVE-2015-1377, NFU (webmin)
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27 19:23:02 UTC (rev
Author: fgeek-guest
Date: 2015-01-27 18:25:18 + (Tue, 27 Jan 2015)
New Revision: 31758
Modified:
data/CVE/list
Log:
socat CVE-2015-1379
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27 17:54:40 UTC (rev 31757)
Author: carnil
Date: 2015-01-27 20:06:02 + (Tue, 27 Jan 2015)
New Revision: 31764
Modified:
data/CVE/list
Log:
Remove todo item for privoxy issues
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27 19:41:17 UTC
Author: carnil
Date: 2015-01-27 08:32:14 + (Tue, 27 Jan 2015)
New Revision: 31718
Modified:
data/CVE/list
Log:
Use better reference for CVE-2014-9512/rsync
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27
Author: carnil
Date: 2015-01-27 08:20:44 + (Tue, 27 Jan 2015)
New Revision: 31717
Modified:
data/CVE/list
Log:
Update mariadb-10.0 entries, two not-affected
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27
Author: alteholz
Date: 2015-01-27 08:52:51 + (Tue, 27 Jan 2015)
New Revision: 31719
Modified:
data/dla-needed.txt
Log:
take jasper
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2015-01-27 08:32:14 UTC (rev 31718)
Author: hertzog
Date: 2015-01-27 09:17:35 + (Tue, 27 Jan 2015)
New Revision: 31720
Modified:
data/CVE/list
Log:
Mark CVE-2014-3566 as no-dsa for gnutls26 on squeeze
Just follow the decision of the security team for wheezy.
Modified: data/CVE/list
Author: carnil
Date: 2015-01-27 08:08:58 + (Tue, 27 Jan 2015)
New Revision: 31716
Modified:
data/CVE/list
Log:
Add CVE-2014-9512, unverified it is referenced in
http://drops.wooyun.org/papers/4762
Modified: data/CVE/list
===
Author: hertzog
Date: 2015-01-27 09:38:07 + (Tue, 27 Jan 2015)
New Revision: 31722
Modified:
data/dla-needed.txt
Log:
Add libarchive to dla-needed for the bsdcpio directory traversal
Modified: data/dla-needed.txt
===
---
Author: hertzog
Date: 2015-01-27 09:37:06 + (Tue, 27 Jan 2015)
New Revision: 31721
Modified:
data/CVE/list
Log:
Mark CVE-2015-1345 as not affecting grep on squeeze/wheezy
The problem has been introduced in v2.18-90-g73893ff (i.e. 2.18
and lower are not affected, and 2.19 is the first
Author: hertzog
Date: 2015-01-27 09:38:36 + (Tue, 27 Jan 2015)
New Revision: 31723
Modified:
data/dla-needed.txt
Log:
Add details about potential DLA on libclamunrar
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt
Author: carnil
Date: 2015-01-27 20:30:56 + (Tue, 27 Jan 2015)
New Revision: 31766
Modified:
data/CVE/list
Log:
Process NFUs
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27 20:08:12 UTC (rev 31765)
+++
Author: sectracker
Date: 2015-01-27 21:10:16 + (Tue, 27 Jan 2015)
New Revision: 31769
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27 20:37:42 UTC (rev 31768)
+++
Author: carnil
Date: 2015-01-27 20:31:04 + (Tue, 27 Jan 2015)
New Revision: 31767
Modified:
data/CVE/list
Log:
Add one rabbitmq-server, not verified
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27 20:30:56 UTC
Author: carnil
Date: 2015-01-27 21:17:33 + (Tue, 27 Jan 2015)
New Revision: 31771
Modified:
data/CVE/list
Log:
Mark three linux issues as fixed in unstable
NOTE: CVE-2014-8480 need maybe to be double checked
Modified: data/CVE/list
Author: alteholz
Date: 2015-01-27 21:50:33 + (Tue, 27 Jan 2015)
New Revision: 31772
Modified:
data/DLA/list
data/dla-needed.txt
Log:
jasper done
Modified: data/DLA/list
===
--- data/DLA/list 2015-01-27 21:17:33 UTC
Author: carnil
Date: 2015-01-27 21:15:40 + (Tue, 27 Jan 2015)
New Revision: 31770
Modified:
data/CVE/list
Log:
Add CVE-2014-8613/kfreebsd, #776416
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27 21:10:16 UTC
Author: carnil
Date: 2015-01-27 20:37:42 + (Tue, 27 Jan 2015)
New Revision: 31768
Modified:
data/CVE/list
Log:
Add CVE-2014-8612/kfreebsd
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27 20:31:04 UTC (rev 31767)
Author: fw
Date: 2015-01-27 15:19:29 + (Tue, 27 Jan 2015)
New Revision: 31738
Modified:
data/CVE/list
Log:
CVE-2015-0235 glibc, eglibc
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27 12:58:43 UTC (rev 31737)
Author: fw
Date: 2015-01-27 15:21:30 + (Tue, 27 Jan 2015)
New Revision: 31739
Modified:
data/DSA/list
Log:
DSA-3142-1 eglibc
Modified: data/DSA/list
===
--- data/DSA/list 2015-01-27 15:19:29 UTC (rev 31738)
+++
Author: carnil
Date: 2015-01-27 20:08:12 + (Tue, 27 Jan 2015)
New Revision: 31765
Modified:
data/CVE/list
Log:
Process one NFU in WordPress plugin
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27 20:06:02 UTC
Author: jmm
Date: 2015-01-27 10:22:57 + (Tue, 27 Jan 2015)
New Revision: 31725
Modified:
data/dsa-needed.txt
Log:
add and take vbox
add mike for chromium
Modified: data/dsa-needed.txt
===
--- data/dsa-needed.txt 2015-01-27
Author: jmm
Date: 2015-01-27 11:03:48 + (Tue, 27 Jan 2015)
New Revision: 31728
Modified:
data/CVE/list
Log:
xymon no-dsa
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27 10:57:58 UTC (rev 31727)
+++
Author: hertzog
Date: 2015-01-27 11:05:38 + (Tue, 27 Jan 2015)
New Revision: 31729
Modified:
data/CVE/list
data/DLA/list
data/DSA/list
data/dla-needed.txt
Log:
Reopen CVE-2014-0191 as the fix we used was incomplete
While investigating CVE-2012-6685 for libnokogiri-ruby, I
Author: jmm
Date: 2015-01-27 11:22:25 + (Tue, 27 Jan 2015)
New Revision: 31731
Modified:
data/DSA/list
data/dsa-needed.txt
Log:
wireshark DSA
Modified: data/DSA/list
===
--- data/DSA/list 2015-01-27 11:08:25 UTC
Author: hertzog
Date: 2015-01-27 11:29:05 + (Tue, 27 Jan 2015)
New Revision: 31734
Modified:
data/CVE/list
Log:
Mark CVE-2014-3566 as no-dsa for openssl/squeeze
The risk of breaking stuff is too high. The security implications have
been widely communicated and the people who are truely
Author: hertzog
Date: 2015-01-27 11:28:58 + (Tue, 27 Jan 2015)
New Revision: 31733
Modified:
data/dla-needed.txt
Log:
Add openjdk-6 to dla-needed
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2015-01-27 11:28:54
Author: hertzog
Date: 2015-01-27 11:28:54 + (Tue, 27 Jan 2015)
New Revision: 31732
Modified:
data/CVE/list
Log:
Mark issue without CVE on mutt and texlive-bin as no-dsa for squeeze
Just follow the decision of the security team for wheezy.
Modified: data/CVE/list
Author: jmm
Date: 2015-01-27 10:42:09 + (Tue, 27 Jan 2015)
New Revision: 31726
Modified:
data/DSA/list
data/dsa-needed.txt
Log:
xen DSA
Modified: data/DSA/list
===
--- data/DSA/list 2015-01-27 10:22:57 UTC (rev
Author: jmm
Date: 2015-01-27 10:17:43 + (Tue, 27 Jan 2015)
New Revision: 31724
Modified:
data/CVE/list
Log:
mark another vbox issue as fixed
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27 09:38:36 UTC (rev
Author: jmm
Date: 2015-01-27 10:57:58 + (Tue, 27 Jan 2015)
New Revision: 31727
Modified:
data/CVE/list
Log:
cpio no-dsa
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27 10:42:09 UTC (rev 31726)
+++
Author: hertzog
Date: 2015-01-27 11:08:25 + (Tue, 27 Jan 2015)
New Revision: 31730
Modified:
data/dla-needed.txt
Log:
Drop cpio from dla-needed.txt as the CVE has been marked no-dsa by jmm
Modified: data/dla-needed.txt
===
Author: carnil
Date: 2015-01-27 12:10:06 + (Tue, 27 Jan 2015)
New Revision: 31736
Modified:
data/dsa-needed.txt
Log:
Adjust name for chromium-browser in dsa-needed
Modified: data/dsa-needed.txt
===
--- data/dsa-needed.txt
Author: carnil
Date: 2015-01-28 06:19:39 + (Wed, 28 Jan 2015)
New Revision: 31776
Modified:
data/CVE/list
Log:
Add kgb-bot issue, #776424
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-28 05:58:32 UTC (rev 31775)
Author: carnil
Date: 2015-01-28 05:58:32 + (Wed, 28 Jan 2015)
New Revision: 31775
Modified:
data/CVE/list
Log:
Add CVE-2015-0312 from external check, NFU
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-28 04:13:53
Author: carnil
Date: 2015-01-27 16:46:23 + (Tue, 27 Jan 2015)
New Revision: 31745
Modified:
data/CVE/list
Log:
Add fixed version for php5 upload
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27 16:38:11 UTC (rev
Author: carnil
Date: 2015-01-27 16:47:11 + (Tue, 27 Jan 2015)
New Revision: 31746
Modified:
data/CVE/list
Log:
Add fixed version for CVE-2014-3609/squid, #776194
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27
Author: carnil
Date: 2015-01-27 16:07:53 + (Tue, 27 Jan 2015)
New Revision: 31740
Modified:
data/CVE/list
Log:
Add bug reference for CVE-2015-0235
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27 15:21:30 UTC
Author: carnil
Date: 2015-01-27 16:16:40 + (Tue, 27 Jan 2015)
New Revision: 31741
Modified:
data/CVE/list
Log:
CVE assigned for perl issue, #776046
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27 16:07:53 UTC
Author: hertzog
Date: 2015-01-27 17:35:35 + (Tue, 27 Jan 2015)
New Revision: 31748
Modified:
data/dla-needed.txt
Log:
Add eglibc to dla-needed.txt for CVE-2015-0235
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt
Author: hertzog
Date: 2015-01-27 17:35:26 + (Tue, 27 Jan 2015)
New Revision: 31747
Modified:
data/dla-needed.txt
Log:
Add piwigo to dla-needed.txt
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2015-01-27 16:47:11
Author: hertzog
Date: 2015-01-27 17:35:45 + (Tue, 27 Jan 2015)
New Revision: 31750
Modified:
data/dla-needed.txt
Log:
Add polarssl to dla-needed.txt
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2015-01-27
Author: hertzog
Date: 2015-01-27 17:36:00 + (Tue, 27 Jan 2015)
New Revision: 31752
Modified:
data/CVE/list
Log:
Try to clarify the situation of pound related to the various SSL issues
Modified: data/CVE/list
===
---
Author: hertzog
Date: 2015-01-27 17:35:42 + (Tue, 27 Jan 2015)
New Revision: 31749
Modified:
data/CVE/list
Log:
Mark CVE-2014-3566 as no-dsa for polarssl/squeeze
Follow the decision of the security team for wheezy.
Modified: data/CVE/list
Author: hertzog
Date: 2015-01-27 17:35:52 + (Tue, 27 Jan 2015)
New Revision: 31751
Modified:
data/CVE/list
Log:
Fix bug number for CVE-2012-4929 on pound
Bug #727197 is about the CRIME attack. The former one was unrelated.
Modified: data/CVE/list
Author: carnil
Date: 2015-01-27 16:24:47 + (Tue, 27 Jan 2015)
New Revision: 31742
Modified:
data/CVE/list
Log:
bug was reassigned for eglibc source package, mark accordingly
Modified: data/CVE/list
===
--- data/CVE/list
Author: carnil
Date: 2015-01-27 16:32:39 + (Tue, 27 Jan 2015)
New Revision: 31743
Modified:
data/CVE/list
Log:
Add new linux issue
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27 16:24:47 UTC (rev 31742)
+++
Author: carnil
Date: 2015-01-27 16:38:11 + (Tue, 27 Jan 2015)
New Revision: 31744
Modified:
data/CVE/list
Log:
Two CVEs assigned for rabbitmq-server
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27 16:32:39 UTC
Author: carnil
Date: 2015-01-27 17:42:29 + (Tue, 27 Jan 2015)
New Revision: 31753
Modified:
data/CVE/list
Log:
Add fixed version for polarssl
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27 17:36:00 UTC (rev
Author: carnil
Date: 2015-01-27 17:42:37 + (Tue, 27 Jan 2015)
New Revision: 31754
Modified:
data/CVE/list
Log:
Add fixed version for jasper, #775970
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27 17:42:29 UTC
Author: fgeek-guest
Date: 2015-01-27 17:52:40 + (Tue, 27 Jan 2015)
New Revision: 31755
Modified:
data/CVE/list
Log:
osvdb.org URL cleanup
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27 17:42:37 UTC (rev 31754)
Author: fgeek-guest
Date: 2015-01-27 17:53:40 + (Tue, 27 Jan 2015)
New Revision: 31756
Modified:
data/CVE/list
Log:
Syntax fix
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27 17:52:40 UTC (rev 31755)
+++
Author: fgeek-guest
Date: 2015-01-27 17:54:40 + (Tue, 27 Jan 2015)
New Revision: 31757
Modified:
data/CVE/list
Log:
nodesecurity.io issues got CVEs
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-27 17:53:40 UTC
Author: carnil
Date: 2015-01-28 04:13:53 + (Wed, 28 Jan 2015)
New Revision: 31774
Modified:
data/CVE/list
Log:
Two CVEs assigned for patch
Modified: data/CVE/list
===
--- data/CVE/list 2015-01-28 01:45:23 UTC (rev
58 matches
Mail list logo