diff options
author | Raphael Geissert <atomo64@gmail.com> | 2014-02-03 14:21:09 +0000 |
---|---|---|
committer | Raphael Geissert <atomo64@gmail.com> | 2014-02-03 14:21:09 +0000 |
commit | 299ee5ca0e7564faace2785475406b7fbab313b9 (patch) | |
tree | 0208f6ab1daa74f4c683da129700059937d0d923 | |
parent | 36ee602b0b833addfab1df9487be745e81e94e49 (diff) |
passenger CVEified
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@25498 e39458fd-73e7-0310-bf30-c45bca0a0e42
-rw-r--r-- | data/CVE/list | 10 | ||||
-rw-r--r-- | data/packages/removed-packages | 1 |
2 files changed, 9 insertions, 2 deletions
diff --git a/data/CVE/list b/data/CVE/list index bd3448194f..3fe2e3d3bd 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,11 @@ +CVE-2014-1832 [incomplete fix of CVE-2014-1831] + - ruby-passenger <not-affected> (incomplete patch never applied) + - passenger <not-affected> (incomplete patch never applied) +CVE-2014-1831 [insecure use of /tmp] + - ruby-passenger <unfixed> (low; bug #736958) + [wheezy] - ruby-passenger <no-dsa> (low; bug #736958) + - passenger <removed> + [squeeze] - passenger <no-dsa> (minor issue) CVE-2014-XXXX [insecure use of /tmp] - a2ps <unfixed> (bug #737385) CVE-2014-XXXX [hardening to the defaults] @@ -32,8 +40,6 @@ CVE-2013-XXXX [python's zipfile infinite loop on malformed files] NOTE: http://bugs.python.org/issue20078 CVE-2014-XXXX [no input validation for search function] - fookebox <unfixed> (bug #736821) -CVE-2014-XXXX [insecure use of /tmp] - - ruby-passenger <unfixed> (bug #736958) CVE-2013-XXXX - suphp <unfixed> (bug #736969) NOTE: Should be removed from the archive (dead upstream / orphaned) diff --git a/data/packages/removed-packages b/data/packages/removed-packages index c9ea7df091..4fb89606d6 100644 --- a/data/packages/removed-packages +++ b/data/packages/removed-packages @@ -249,3 +249,4 @@ rageircd postgresql-9.0 mysql-5.1 libpam-rsa +passenger |