Author: fgeek-guest Date: 2014-10-16 14:36:56 +0000 (Thu, 16 Oct 2014) New Revision: 29431
Modified: data/CVE/list Log: CVE-2014-8760/ejabberd Modified: data/CVE/list =================================================================== --- data/CVE/list 2014-10-16 12:12:10 UTC (rev 29430) +++ data/CVE/list 2014-10-16 14:36:56 UTC (rev 29431) @@ -6,8 +6,11 @@ RESERVED CVE-2014-8761 RESERVED -CVE-2014-8760 +CVE-2014-8760 [ejabberd: compression allows cirucumvention of encryption despite starttls_required] RESERVED + - ejabberd <unfixed> + NOTE: http://mail.jabber.org/pipermail/operators/2014-October/002438.html + NOTE: Patch https://github.com/processone/ejabberd/commit/7bdc1151b CVE-2014-8759 RESERVED CVE-2014-8758 @@ -464,10 +467,6 @@ TODO: check CVE-2014-8075 (Cross-site scripting (XSS) vulnerability in the Tribune module 6.x-1.x ...) TODO: check -CVE-2014-XXXX [ejabberd: compression allows cirucumvention of encryption despite starttls_required] - - ejabberd <unfixed> - NOTE: http://mail.jabber.org/pipermail/operators/2014-October/002438.html - NOTE: Patch https://github.com/processone/ejabberd/commit/7bdc1151b CVE-2014-8766 (Multiple SQL injection vulnerabilities in Allomani Weblinks 1.0 allow ...) NOT-FOR-US: Allomani Weblinks CVE-2014-8765 (Multiple cross-site scripting (XSS) vulnerabilities in the Project ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits