Author: fgeek-guest
Date: 2014-10-16 14:36:56 +0000 (Thu, 16 Oct 2014)
New Revision: 29431
Modified:
data/CVE/list
Log:
CVE-2014-8760/ejabberd
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-10-16 12:12:10 UTC (rev 29430)
+++ data/CVE/list 2014-10-16 14:36:56 UTC (rev 29431)
@@ -6,8 +6,11 @@
RESERVED
CVE-2014-8761
RESERVED
-CVE-2014-8760
+CVE-2014-8760 [ejabberd: compression allows cirucumvention of encryption
despite starttls_required]
RESERVED
+ - ejabberd <unfixed>
+ NOTE:
http://mail.jabber.org/pipermail/operators/2014-October/002438.html
+ NOTE: Patch https://github.com/processone/ejabberd/commit/7bdc1151b
CVE-2014-8759
RESERVED
CVE-2014-8758
@@ -464,10 +467,6 @@
TODO: check
CVE-2014-8075 (Cross-site scripting (XSS) vulnerability in the Tribune module
6.x-1.x ...)
TODO: check
-CVE-2014-XXXX [ejabberd: compression allows cirucumvention of encryption
despite starttls_required]
- - ejabberd <unfixed>
- NOTE:
http://mail.jabber.org/pipermail/operators/2014-October/002438.html
- NOTE: Patch https://github.com/processone/ejabberd/commit/7bdc1151b
CVE-2014-8766 (Multiple SQL injection vulnerabilities in Allomani Weblinks 1.0
allow ...)
NOT-FOR-US: Allomani Weblinks
CVE-2014-8765 (Multiple cross-site scripting (XSS) vulnerabilities in the
Project ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
