passenger CVEified

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@25498 e39458fd-73e7-0310-bf30-c45bca0a0e42

2 files changed, 9 insertions, 2 deletions

diff --git a/data/CVE/list b/data/CVE/list
index bd3448194f..3fe2e3d3bd 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,11 @@
+CVE-2014-1832 [incomplete fix of CVE-2014-1831]
+	- ruby-passenger <not-affected> (incomplete patch never applied)
+	- passenger <not-affected> (incomplete patch never applied)
+CVE-2014-1831 [insecure use of /tmp]
+	- ruby-passenger <unfixed> (low; bug #736958)
+	[wheezy] - ruby-passenger <no-dsa> (low; bug #736958)
+	- passenger <removed>
+	[squeeze] - passenger <no-dsa> (minor issue)
 CVE-2014-XXXX [insecure use of /tmp]
 	- a2ps <unfixed> (bug #737385)
 CVE-2014-XXXX [hardening to the defaults]
@@ -32,8 +40,6 @@ CVE-2013-XXXX [python's zipfile infinite loop on malformed files]
 	NOTE: http://bugs.python.org/issue20078
 CVE-2014-XXXX [no input validation for search function]
 	- fookebox <unfixed> (bug #736821)
-CVE-2014-XXXX [insecure use of /tmp]
-	- ruby-passenger <unfixed> (bug #736958)
 CVE-2013-XXXX
 	- suphp <unfixed> (bug #736969)
 	NOTE: Should be removed from the archive (dead upstream / orphaned)
diff --git a/data/packages/removed-packages b/data/packages/removed-packages
index c9ea7df091..4fb89606d6 100644
--- a/data/packages/removed-packages
+++ b/data/packages/removed-packages
@@ -249,3 +249,4 @@ rageircd
 postgresql-9.0
 mysql-5.1
 libpam-rsa
+passenger