Author: jmm Date: 2017-01-14 15:22:40 +0000 (Sat, 14 Jan 2017) New Revision: 48040
Modified: data/CVE/list Log: two potential tripleo-heat-templates issues mark one older bittorrent issue as NFU, there's no evidence that this affects a free BT implementation Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-01-14 15:10:47 UTC (rev 48039) +++ data/CVE/list 2017-01-14 15:22:40 UTC (rev 48040) @@ -52595,8 +52595,7 @@ NOTE: https://github.com/bestpractical/rt/commit/67d517ba3421ba462e349c73207a627d137ef8ac (4.2.x) NOTE: https://github.com/bestpractical/rt/commit/4ec786bb4743f67a35a634c1bf43b13d3d3b39a9 (4.0.x) CVE-2015-5474 (BitTorrent and uTorrent allow remote attackers to inject command line ...) - - bittorrent <undetermined> - NOTE: http://www.zerodayinitiative.com/advisories/ZDI-15-358/ + NOT-FOR-US: uTorrent CVE-2015-5473 RESERVED CVE-2015-5472 (Absolute path traversal vulnerability in lib/download.php in the IBS ...) @@ -53050,8 +53049,7 @@ NOTE: https://www.samba.org/samba/security/CVE-2015-5330.html NOTE: Samba update needs as well fixed ldb CVE-2015-5329 (The TripleO Heat templates (tripleo-heat-templates), as used in Red ...) - - tripleo-heat-templates <undetermined> - TODO: check + - tripleo-heat-templates <unfixed> CVE-2015-5328 RESERVED CVE-2015-5327 [User triggerable out-of-bounds read] @@ -53176,8 +53174,7 @@ CVE-2015-5304 (Red Hat JBoss Enterprise Application Platform (EAP) before 6.4.5 does ...) NOT-FOR-US: Red Hat JBoss Enterprise Application Platform CVE-2015-5303 (The TripleO Heat templates (tripleo-heat-templates), when deployed via ...) - - tripleo-heat-templates <undetermined> - TODO: check + - tripleo-heat-templates <unfixed> CVE-2015-5302 (libreport 2.0.7 before 2.6.3 only saves changes to the first file when ...) NOT-FOR-US: abrt/libreport CVE-2015-5301 (providers/saml2/admin.py in the Identity Provider (IdP) server in ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits