[Secure-testing-commits] r24945 - data/CVE

Moritz Muehlenhoff Sun, 29 Dec 2013 02:55:27 -0800

Author: jmm
Date: 2013-12-29 10:54:49 +0000 (Sun, 29 Dec 2013)
New Revision: 24945


Modified:
   data/CVE/list
Log:
web2py unimportant
openssl no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2013-12-29 10:48:27 UTC (rev 24944)
+++ data/CVE/list       2013-12-29 10:54:49 UTC (rev 24945)
@@ -2103,9 +2103,9 @@
 CVE-2013-6838
        RESERVED
 CVE-2013-6837 (Cross-site scripting (XSS) vulnerability in the setTimeout 
function in ...)
-       - web2py <unfixed>
+       - web2py <unfixed> (unimportant)
        NOTE: python-web2py contains 
/usr/share/web2py/applications/examples/static/js/jquery.prettyPhoto.js
-       TODO: check
+       NOTE: Only an example code
 CVE-2013-6836 (Heap-based buffer overflow in the ms_escher_get_data function 
in ...)
        - gnumeric 1.12.9-1 (low)
        [wheezy] - gnumeric <no-dsa> (Minor issue)
@@ -3044,7 +3044,8 @@
        RESERVED
 CVE-2013-6450 [DTLS retransmission from previous session]
        RESERVED
-       - openssl 1.0.1e-5
+       - openssl 1.0.1e-5 (low)
+       [squeeze] - openssl <no-dsa> (Minor issue, limited DTLS support in 
0.9.8 branch)
 CVE-2013-6449 [crash when using TLS 1.2]
        RESERVED
        - openssl 1.0.1e-5 (bug #732754)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r24945 - data/CVE

Reply via email to