[Secure-testing-commits] r29671 - data/CVE

Sun, 26 Oct 2014 14:14:57 -0700 

Author: joeyh
Date: 2014-10-26 21:14:14 +0000 (Sun, 26 Oct 2014)
New Revision: 29671

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2014-10-26 21:11:18 UTC (rev 29670)
+++ data/CVE/list       2014-10-26 21:14:14 UTC (rev 29671)
@@ -11049,6 +11049,7 @@
        - jenkins 1.565.3-1 (bug #763899)
 CVE-2014-3660 [libxml2 billion laugh variant]
        RESERVED
+       {DSA-3057-1}
        - libxml2 2.9.2+dfsg1-1 (bug #765722)
        NOTE: 
https://www.ncsc.nl/actueel/nieuwsberichten/kwetsbaarheid-ontdekt-in-libxml2.html
        NOTE: 
https://git.gnome.org/browse/libxml2/commit/?id=be2a7edaf289c5da74a4f9ed3a0b6c733e775230
@@ -11421,7 +11422,7 @@
        NOTE: 
http://googleonlinesecurity.blogspot.fr/2014/10/this-poodle-bites-exploiting-ssl-30.html
        NOTE: This is only about the SSLv3 CBC padding, not about any downgrade 
attack or support for the fallback SCSV
        NOTE: Fix is to disable SSLv3 in library or application configurations 
-        NOTE: Browsers based on webkit (with the exception of Chromium) or 
khtml are not covered by security support
+       NOTE: Browsers based on webkit (with the exception of Chromium) or 
khtml are not covered by security support
 CVE-2014-3565 (snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ 
option is ...)
        - net-snmp 5.7.2.1~dfsg-7 (bug #760132)
        [wheezy] - net-snmp <no-dsa> (Minor issue)
@@ -11785,15 +11786,15 @@
        - openssl 1.0.1h-1 (bug #750665)
        [squeeze] - openssl 0.9.8o-4squeeze15
 CVE-2014-3469 (The (1) asn1_read_value_type and (2) asn1_read_value functions 
in GNU ...)
-       {DSA-3056-1}
+       {DSA-3056-1 DLA-77-1}
        - libtasn1-3 <removed>
        - libtasn1-6 3.6-1
 CVE-2014-3468 (The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does 
not ...)
-       {DSA-3056-1}
+       {DSA-3056-1 DLA-77-1}
        - libtasn1-3 <removed>
        - libtasn1-6 3.6-1
 CVE-2014-3467 (Multiple unspecified vulnerabilities in the DER decoder in GNU 
...)
-       {DSA-3056-1}
+       {DSA-3056-1 DLA-77-1}
        - libtasn1-3 <removed>
        - libtasn1-6 3.6-1
 CVE-2014-3466 (Buffer overflow in the read_server_hello function in ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to