[Secure-testing-commits] r26777 - data/CVE

Fri, 02 May 2014 00:44:04 -0700 

Author: jmm
Date: 2014-05-02 07:43:48 +0000 (Fri, 02 May 2014)
New Revision: 26777

Modified:
   data/CVE/list
Log:
new netty issue (no-dsa)
new potential mcollective issue
NFUs
(concludes external check)


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2014-05-02 07:29:49 UTC (rev 26776)
+++ data/CVE/list       2014-05-02 07:43:48 UTC (rev 26777)
@@ -7257,9 +7257,9 @@
 CVE-2014-0365
        RESERVED
 CVE-2014-0364 (The ParseRoster component in the Ignite Realtime Smack XMPP API 
before ...)
-       TODO: check
+       NOT-FOR-US: smack userspace tools, was once ITPed, but closed (637964)
 CVE-2014-0363 (The ServerTrustManager component in the Ignite Realtime Smack 
XMPP API ...)
-       TODO: check
+       NOT-FOR-US: smack userspace tools, was once ITPed, but closed (637964)
 CVE-2014-0362
        RESERVED
 CVE-2014-0361 (The default configuration of IBM 4690 OS, as used in Toshiba 
Global ...)
@@ -7910,6 +7910,9 @@
        RESERVED
 CVE-2014-0193
        RESERVED
+       - netty <unfixed>
+       [squeeze] - netty <no-dsa> (Minor issue)
+       [wheezy] - netty <no-dsa> (Minor issue)
 CVE-2014-0192 [provisioning templates are world accessible]
        RESERVED
        - foreman <itp> (bug #663101)
@@ -7990,6 +7993,7 @@
        - wordpress 3.8.2+dfsg-1 (bug #744018)
 CVE-2014-0164
        RESERVED
+       - mcollective <unfixed>
 CVE-2014-0163
        RESERVED
 CVE-2014-0162 (The Sheepdog backend in OpenStack Image Registry and Delivery 
Service ...)
@@ -8037,6 +8041,7 @@
        - qemu-kvm <removed>
 CVE-2014-0149
        RESERVED
+       NOT-FOR-US: JBoss Seam
 CVE-2014-0148
        RESERVED
        - qemu 2.0.0+dfsg-1 (bug #742730)
@@ -8168,8 +8173,10 @@
        NOT-FOR-US: Apache Syncope
 CVE-2014-0110
        RESERVED
+       NOT-FOR-US: Apache CXF
 CVE-2014-0109
        RESERVED
+       NOT-FOR-US: Apache CXF
 CVE-2014-0108
        RESERVED
 CVE-2014-0107 (The TransformerFactory in Apache Xalan-Java before 2.7.2 does 
not ...)
@@ -28217,8 +28224,10 @@
        RESERVED
 CVE-2013-0035
        RESERVED
+       NOT-FOR-US: Apache CXF
 CVE-2013-0034
        RESERVED
+       NOT-FOR-US: Apache CXF
 CVE-2013-0033
        RESERVED
 CVE-2013-0032


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to