Author: jmm
Date: 2014-12-03 07:49:31 +0000 (Wed, 03 Dec 2014)
New Revision: 30499
Modified:
data/CVE/list
Log:
two iceweasel n/a
hibernate no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-12-03 05:56:09 UTC (rev 30498)
+++ data/CVE/list 2014-12-03 07:49:31 UTC (rev 30499)
@@ -1971,8 +1971,10 @@
RESERVED
CVE-2014-8632
RESERVED
+ - iceweasel <not-affected> (Only affects Firefox 33)
CVE-2014-8631
RESERVED
+ - iceweasel <not-affected> (Only affects Firefox 33)
CVE-2014-8630
RESERVED
CVE-2014-8629 (Cross-site scripting (XSS) vulnerability in the Page
visualization ...)
@@ -14218,6 +14220,7 @@
NOT-FOR-US: ovirt-engine-backend
CVE-2014-3558 (ReflectionHelper
(org.hibernate.validator.util.ReflectionHelper) in ...)
- libhibernate-validator-java <unfixed> (low; bug #762690)
+ [jessie] - libhibernate-validator-java <no-dsa> (Only used as a build
dependency for libhibernate3-java)
[wheezy] - libhibernate-validator-java <no-dsa> (Only used as a build
dependency for libhibernate3-java)
NOTE: RedHat upgraded to new upstream versions in their security
NOTE: updates. No patches are available for the 4.0.x branch we
@@ -65582,7 +65585,8 @@
[wheezy] - bouncycastle <no-dsa> (Minor issue)
NOTE: No mitigation for bouncycastle, it is recommended to use TLS 1.1,
which is supported since 1.4.9
- nss 3.13.1.with.ckbi.1.88-1
- - polarssl <unfixed>
+ - polarssl <unfixed> (unimportant)
+ NOTE: No mitigation for polarssl, it is recommended to use TLS 1.1,
which is supported in all releases
- tlslite <removed>
[wheezy] - tlslite <no-dsa> (Minor issue)
CVE-2011-3388 (Opera before 11.51 allows remote attackers to cause an insecure
site ...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
