Add fixed version from Wheezy 7.5 point release

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@26713 e39458fd-73e7-0310-bf30-c45bca0a0e42
author: Salvatore Bonaccorso <carnil@debian.org> 2014-04-26 11:15:31 +0000
committer: Salvatore Bonaccorso <carnil@debian.org> 2014-04-26 11:15:31 +0000
commit: 7138aff58e7503e146404259796a1b66a06d396f (patch)
tree: f65d7c55c23294e4ce715cad00d4e05d6c09a268 /data/CVE
parent: f0eba0203640b361f4d203ccbf178c7e20becb35 (diff)
6 files changed, 38 insertions, 22 deletions
diff --git a/data/CVE/2003.list b/data/CVE/2003.list
index bdaa5f80de..bb4586c631 100644
--- a/data/CVE/2003.list
+++ b/data/CVE/2003.list
@@ -2153,7 +2153,7 @@ CVE-2003-0578 (cci_dir in IBM U2 UniVerse 10.0.0.9 and earlier creates hard link
 CVE-2003-0577 (mpg123 0.59r allows remote attackers to cause a denial of service and ...)
 	- mpg123 0.59r-1
 	- mp3gain 1.5.2-r2-6 (low)
-	[wheezy] - mp3gain <no-dsa> (Minor issue)
+	[wheezy] - mp3gain 1.5.2-r2-2+deb7u1
 	[squeeze] - mp3gain <no-dsa> (Minor issue)
 CVE-2003-0576 (Unknown vulnerability in the NFS daemon (nfsd) in SGI IRIX 6.5.19f and ...)
 	NOT-FOR-US: IRIX
diff --git a/data/CVE/2004.list b/data/CVE/2004.list
index 913f054f6a..5358f2d2db 100644
--- a/data/CVE/2004.list
+++ b/data/CVE/2004.list
@@ -3842,7 +3842,7 @@ CVE-2004-0992 (Format string vulnerability in the -a option (daemon mode) in ...
 CVE-2004-0991 (Buffer overflow in mpg123 before 0.59s-r9 allows remote attackers to ...)
 	- mpg123 0.59r-19
 	- mp3gain 1.5.2-r2-6 (low)
-	[wheezy] - mp3gain <no-dsa> (Minor issue)
+	[wheezy] - mp3gain 1.5.2-r2-2+deb7u1
 	[squeeze] - mp3gain <no-dsa> (Minor issue)
 CVE-2004-0990 (Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and ...)
 	{DSA-602-1 DSA-601-1 DSA-591-1 DSA-589-1}
@@ -4328,7 +4328,7 @@ CVE-2004-0805 (Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0
 	{DSA-564-1}
 	- mpg123 0.59r-16
 	- mp3gain 1.5.2-r2-6 (low)
-	[wheezy] - mp3gain <no-dsa> (Minor issue)
+	[wheezy] - mp3gain 1.5.2-r2-2+deb7u1
 	[squeeze] - mp3gain <no-dsa> (Minor issue)
 CVE-2004-0804 (Vulnerability in tif_dirread.c for libtiff allows remote attackers to ...)
 	{DSA-567-1}
diff --git a/data/CVE/2006.list b/data/CVE/2006.list
index 33214e6a4e..435cb330a1 100644
--- a/data/CVE/2006.list
+++ b/data/CVE/2006.list
@@ -12670,7 +12670,7 @@ CVE-2006-1655 (Multiple buffer overflows in mpg123 0.59r allow user-assisted ...
 	{DSA-1074-1}
 	- mpg123 0.59r-22 (bug #361863)
 	- mp3gain 1.5.2-r2-6 (low)
-	[wheezy] - mp3gain <no-dsa> (Minor issue)
+	[wheezy] - mp3gain 1.5.2-r2-2+deb7u1
 	[squeeze] - mp3gain <no-dsa> (Minor issue)
 CVE-2006-1654 (Directory traversal vulnerability in the HP Color LaserJet 2500 ...)
 	NOT-FOR-US: HP Colour LaserJet 2500 and 4600 Toolbox
diff --git a/data/CVE/2012.list b/data/CVE/2012.list
index c2191d37dd..a4f6cc7069 100644
--- a/data/CVE/2012.list
+++ b/data/CVE/2012.list
@@ -1102,7 +1102,7 @@ CVE-2012-6151 (Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle
 	NOTE: Upstream patch: http://sourceforge.net/p/net-snmp/code/ci/793d596838ff7cb48a73b675d62897c56c9e62df/
 CVE-2012-6150 (The winbind_name_list_to_sid_string_list function in ...)
 	- samba 2:4.0.13+dfsg-1 (low)
-	[wheezy] - samba <no-dsa> (Can be fixed along in a future DSA)
+	[wheezy] - samba 2:3.6.6-6+deb7u3
 	[squeeze] - samba <no-dsa> (Can be fixed along in a future DSA)
 	- samba4 <not-affected> (Samba 4 winbind does not implement this feature)
 	NOTE: introduced http://git.samba.org/?p=samba.git;a=commit;h=31f1a36901b5b8959dc51401c09c114829b50392
@@ -1359,7 +1359,7 @@ CVE-2012-6083
 	RESERVED
 	- freeciv 2.3.4-1 (low; bug #696306)
 	[squeeze] - freeciv <no-dsa> (Minor issue)
-	[wheezy] - freeciv <no-dsa> (Minor issue)
+	[wheezy] - freeciv 2.3.2-1+deb7u1
 CVE-2012-6082 (Cross-site scripting (XSS) vulnerability in the rsslink function in ...)
 	{DSA-2593-1}
 	- moin 1.9.5-2
@@ -2450,7 +2450,7 @@ CVE-2012-5645
 	RESERVED
 	- freeciv 2.3.4-1 (low; bug #696306)
 	[squeeze] - freeciv <no-dsa> (Minor issue)
-	[wheezy] - freeciv <no-dsa> (Minor issue)
+	[wheezy] - freeciv 2.3.2-1+deb7u1
 CVE-2012-5644 [(Complete) Information disclosure when moving user's home directory]
 	RESERVED
 	- libuser <unfixed> (low; bug #705690)
diff --git a/data/CVE/2013.list b/data/CVE/2013.list
index 1f295b1433..49660d4d77 100644
--- a/data/CVE/2013.list
+++ b/data/CVE/2013.list
@@ -84,6 +84,7 @@ CVE-2013-7341 (Multiple cross-site scripting (XSS) vulnerabilities in Flowplayer
 CVE-2013-7339 (The rds_ib_laddr_check function in net/rds/ib.c in the Linux kernel ...)
 	{DSA-2906-1}
 	- linux 3.13-1
+	[wheezy] - linux 3.2.57-1
 	- linux-2.6 <removed>
 	NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c2349758acf1874e4c2b93fe41d072336f1a31d0
 CVE-2013-7336 [libvirt: unprivileged user can crash libvirtd during spice migration]
@@ -2520,7 +2521,7 @@ CVE-2013-6442 (The owner_set function in smbcacls.c in smbcacls in Samba 4.0.x b
 	[squeeze] - samba <not-affected> (Only affects 4.x and later)
 	[wheezy] - samba <not-affected> (Only affects 4.x and later)
 	- samba4 <removed>
-	[wheezy] - samba4 <no-dsa> (Minor issue)
+	[wheezy] - samba4 4.0.0~beta2+dfsg1-3.2+deb7u1
 	NOTE: http://www.samba.org/samba/security/CVE-2013-6442
 CVE-2013-6441 (The lxc-sshd template (templates/lxc-sshd.in) in LXC before ...)
 	- lxc <unfixed> (unimportant)
@@ -2673,7 +2674,7 @@ CVE-2013-6405
 	REJECTED
 CVE-2013-6404 (Quassel core (server daemon) in Quassel IRC before 0.9.2 does not ...)
 	- quassel 0.9.2-1 (low)
-	[wheezy] - quassel <no-dsa> (Minor issue)
+	[wheezy] - quassel 0.8.0-1+deb7u1
 	[squeeze] - quassel <no-dsa> (Minor issue)
 	NOTE: https://github.com/quassel/quassel/commit/a1a24da
 CVE-2013-6403 (The admin page in ownCloud before 5.0.13 allows remote attackers to ...)
@@ -7278,10 +7279,10 @@ CVE-2013-4497 (The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, a
 	NOTE: https://github.com/openstack/nova/commit/5cced7a6dd32d231c606e25dbf762d199bf9cca7
 CVE-2013-4496 (Samba 3.x before 3.6.23, 4.0.x before 4.0.16, and 4.1.x before 4.1.6 ...)
 	- samba 2:4.1.6+dfsg-1 (low)
-	[wheezy] - samba <no-dsa> (Minor issue)
+	[wheezy] - samba 2:3.6.6-6+deb7u3
 	[squeeze] - samba <no-dsa> (Minor issue)
 	- samba4 <removed>
-	[wheezy] - samba4 <no-dsa> (Minor issue)
+	[wheezy] - samba4 4.0.0~beta2+dfsg1-3.2+deb7u1
 	NOTE: http://www.samba.org/samba/security/CVE-2013-4496
 CVE-2013-4495 (The send_the_mail function in server/svr_mail.c in Terascale ...)
 	{DSA-2796-1}
@@ -7328,6 +7329,7 @@ CVE-2013-4484 (Varnish before 3.0.5 allows remote attackers to cause a denial of
 	NOTE: https://www.varnish-cache.org/trac/ticket/1367
 CVE-2013-4483 (The ipc_rcu_putref function in ipc/util.c in the Linux kernel before ...)
 	- linux 3.11.8-1 (low)
+	[wheezy] - linux 3.2.57-1
 	- linux-2.6 <removed> (low)
 	[squeeze] - linux-2.6 <no-dsa> (Minor issue, too intrusive to backport)
 	NOTE: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6062a8
@@ -7355,11 +7357,12 @@ CVE-2013-4476 (Samba 4.0.x before 4.0.11 and 4.1.x before 4.1.1, when LDAP or HT
 	[wheezy] - samba <not-affected> (Doesn't provide AD functionality)
 	[squeeze] - samba <not-affected> (Doesn't provide AD functionality)
 	- samba4 <removed> (low)
+	[wheezy] - samba4 4.0.0~beta2+dfsg1-3.2+deb7u1
 CVE-2013-4475 (Samba 3.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, ...)
 	{DSA-2812-1}
 	- samba 2:4.0.11+dfsg-1 (low)
 	- samba4 <removed> (low)
-	[wheezy] - samba4 <no-dsa> (Minor issue)
+	[wheezy] - samba4 4.0.0~beta2+dfsg1-3.2+deb7u1
 CVE-2013-4474 (Format string vulnerability in the extractPages function in ...)
 	- poppler 0.18.4-9 (low; bug #729064)
 	[squeeze] - poppler <not-affected> (pdfseparate not yet present)
@@ -7579,6 +7582,7 @@ CVE-2013-4408 (Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done .
 	{DSA-2812-1}
 	- samba 2:4.0.13+dfsg-1
 	- samba4 <removed>
+	[wheezy] - samba4 4.0.0~beta2+dfsg1-3.2+deb7u1
 CVE-2013-4407 (HTTP::Body::Multipart in the HTTP-Body 1.08, 1.17, and earlier module ...)
 	{DSA-2801-1}
 	- libhttp-body-perl 1.17-2 (bug #721634)
@@ -8425,7 +8429,7 @@ CVE-2013-4160 (Little CMS (lcms2) before 2.5, as used in OpenJDK 7 and possibly
 	[squeeze] - lcms <no-dsa> (Minor issue)
 	[wheezy] - lcms <no-dsa> (Minor issue)
 	- lcms2 2.2+git20110628-2.3 (bug #714529)
-	[wheezy] - lcms2 <no-dsa> (Minor issue)
+	[wheezy] - lcms2 2.2+git20110628-2.2+deb7u1
 	NOTE: https://github.com/mm2/Little-CMS/commit/91c2db7f2559be504211b283bc3a2c631d6f06d9
 	NOTE: https://bugzilla.novell.com/show_bug.cgi?id=826097#c9
 CVE-2013-4159
@@ -8558,7 +8562,7 @@ CVE-2013-4124 (Integer overflow in the read_nttrans_ea_list function in nttrans.
 	[wheezy] - samba 2:3.6.6-6+deb7u1
 	[squeeze] - samba 2:3.5.6~dfsg-3squeeze10
 	- samba4 <unfixed> (low)
-	[wheezy] - samba4 <no-dsa> (Minor issue)
+	[wheezy] - samba4 4.0.0~beta2+dfsg1-3.2+deb7u1
 	NOTE: https://www.samba.org/samba/security/CVE-2013-4124
 	NOTE: samba as per 2:4.0.9+dfsg-2 is the first upload of the unified samba 4.x package to unstable.
 	NOTE: Issue also fixed in 4.0.8 upstream, thus the fix still contained in 4.x in unstable
diff --git a/data/CVE/2014.list b/data/CVE/2014.list
index 24d7348bff..3b3077690d 100644
--- a/data/CVE/2014.list
+++ b/data/CVE/2014.list
@@ -705,6 +705,7 @@ CVE-2014-2707 (cups-browsed in cups-filters 1.0.41 before 1.0.51 in allows remot
 	NOTE: fixed in 1.0.51, pending in git http://anonscm.debian.org/gitweb/?p=printing/cups-filters.git;a=commitdiff;h=e7293d18836d90815277a7efb410275b9baa27c7
 CVE-2014-2706 (Race condition in the mac80211 subsystem in the Linux kernel before ...)
 	- linux 3.13.7-1 (low)
+	[wheezy] - linux 3.2.57-1
 	- linux-2.6 <removed> (low)
 	NOTE: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1d147bfa64293b2723c4fec50922168658e613ba
 CVE-2014-2686
@@ -767,6 +768,7 @@ CVE-2014-2681 [zendframework ZF2014-01]
 	NOTE: http://framework.zend.com/security/advisory/ZF2014-01
 CVE-2014-2678 (The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel ...)
 	- linux 3.13.10-1
+	[wheezy] - linux 3.2.57-1
 	- linux-2.6 <removed>
 	NOTE: https://lkml.org/lkml/2014/3/29/188
 CVE-2014-2673 (The arch_dup_task_struct function in the Transactional Memory (TM) ...)
@@ -777,6 +779,7 @@ CVE-2014-2673 (The arch_dup_task_struct function in the Transactional Memory (TM
 	NOTE: only affects powerpc architecture
 CVE-2014-2672 (Race condition in the ath_tx_aggr_sleep function in ...)
 	- linux 3.13.7-1
+	[wheezy] - linux 3.2.57-1
 	- linux-2.6 <removed>
 	NOTE: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=21f8aaee0c62708654988ce092838aa7df4d25d8
 CVE-2014-2669 (Multiple integer overflows in contrib/hstore/hstore_io.c in PostgreSQL ...)
@@ -1177,6 +1180,7 @@ CVE-2014-2524 [Insecure usage of temporary files]
 CVE-2014-2523 (net/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through ...)
 	{DSA-2906-1}
 	- linux 3.13.10-1
+	[wheezy] - linux 3.2.57-1
 	- linux-2.6 <removed>
 	NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/nf_conntrack_proto_dccp.c?id=b22f5126a24b3b2f15448c3f2a254fc10cbc2b92
 CVE-2014-2522 (curl and libcurl 7.27.0 through 7.35.0, when runnning on Windows and ...)
@@ -1703,12 +1707,13 @@ CVE-2014-2281 (The nfs_name_snoop_add_name function in epan/dissectors/packet-nf
 	NOTE: http://www.wireshark.org/security/wnpa-sec-2014-01.html
 CVE-2014-2309 (The ip6_route_add function in net/ipv6/route.c in the Linux kernel ...)
 	- linux 3.13.6-1
+	[wheezy] - linux 3.2.57-1
 	- linux-2.6 <not-affected> (Introduced in v3.0)
 	NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=957c665f37007de93ccbe45902a23143724170d0
 	NOTE: Fix: https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=c88507fbad8055297c1d1e21e599f46960cbee39
 CVE-2014-2310 (The AgentX subagent in Net-SNMP before 5.4.4 allows remote attackers ...)
 	- net-snmp 5.7.2~dfsg-3 (bug #684388)
-	[wheezy] - net-snmp <no-dsa> (Minor issue)
+	[wheezy] - net-snmp 5.4.3~dfsg-2.8
 	[squeeze] - net-snmp <no-dsa> (Minor issue)
 	NOTE: http://sourceforge.net/p/net-snmp/patches/1113/
 CVE-2014-2280 (Cross-site scripting (XSS) vulnerability in the search feature in ...)
@@ -2155,19 +2160,19 @@ CVE-2014-2206 (Stack-based buffer overflow in GetGo Download Manager 4.9.0.1982,
 CVE-2014-2096 (Untrusted search path vulnerability in Catfish 0.6.0 through 1.0.0 ...)
 	- catfish 1.0.1-1 (low; bug #739958)
 	[squeeze] - catfish <no-dsa> (Minor issue)
-	[wheezy] - catfish <no-dsa> (Minor issue)
+	[wheezy] - catfish 0.3.2-2+deb7u1
 CVE-2014-2095 (Untrusted search path vulnerability in Catfish 0.6.0 through 1.0.0, ...)
 	- catfish 1.0.1-1 (low; bug #739958)
 	[squeeze] - catfish <no-dsa> (Minor issue)
-	[wheezy] - catfish <no-dsa> (Minor issue)
+	[wheezy] - catfish 0.3.2-2+deb7u1
 CVE-2014-2094 (Untrusted search path vulnerability in Catfish through 0.4.0.3, when a ...)
 	- catfish 1.0.1-1 (low; bug #739958)
 	[squeeze] - catfish <no-dsa> (Minor issue)
-	[wheezy] - catfish <no-dsa> (Minor issue)
+	[wheezy] - catfish 0.3.2-2+deb7u1
 CVE-2014-2093 (Untrusted search path vulnerability in Catfish through 0.4.0.3 allows ...)
 	- catfish 1.0.1-1 (low; bug #739958)
 	[squeeze] - catfish <no-dsa> (Minor issue)
-	[wheezy] - catfish <no-dsa> (Minor issue)
+	[wheezy] - catfish 0.3.2-2+deb7u1
 CVE-2014-2086
 	RESERVED
 CVE-2014-2085
@@ -2276,7 +2281,7 @@ CVE-2014-2053
 	RESERVED
 	- owncloud 6.0.2+dfsg-1
 	- php-getid3 1.9.7-2
-	[wheezy] - php-getid3 <no-dsa> (Minor issue)
+	[wheezy] - php-getid3 1.9.3-1+deb7u1
 	[squeeze] - php-getid3 <not-affected> (Vulnerable code not present)
 	NOTE: owncloud advisory does not mention details for GetID3
 	NOTE: http://owncloud.org/about/security/advisories/oC-SA-2014-006/
@@ -2490,6 +2495,7 @@ CVE-2014-1930 (Visibility Software Cyber Recruiter before 8.1.00 does not use th
 CVE-2014-2039 (arch/s390/kernel/head64.S in the Linux kernel before 3.13.5 on the ...)
 	{DSA-2906-1}
 	- linux 3.13.5-1
+	[wheezy] - linux 3.2.57-1
 	- linux-2.6 <removed>
 	NOTE: https://git.kernel.org/linus/8d7f6690cedb83456edd41c9bd583783f0703bf0
 CVE-2014-2037 [incomplete fix for CVE-2013-6466 DoS in openSwan]
@@ -2829,6 +2835,7 @@ CVE-2014-1875 [insecure use of /tmp]
 CVE-2014-1874 (The security_context_to_sid_core function in ...)
 	{DSA-2906-1}
 	- linux 3.13.4-1
+	[wheezy] - linux 3.2.57-1
 	- linux-2.6 <removed>
 	NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2172fa709ab32ca60e86179dc67d0857be8e2c98, first included in v3.14-rc2
 CVE-2014-1860 [PHP object insertion]
@@ -2842,7 +2849,7 @@ CVE-2014-1832 [incomplete fix of CVE-2014-1831]
 CVE-2014-1831 [insecure use of /tmp]
 	RESERVED
 	- ruby-passenger 4.0.37-1 (low; bug #736958)
-	[wheezy] - ruby-passenger <no-dsa> (low; bug #736958)
+	[wheezy] - ruby-passenger 3.0.13debian-1+deb7u2 (low; bug #736958)
 	- passenger <removed>
 	[squeeze] - passenger <no-dsa> (minor issue)
 CVE-2014-1845 [hardening to the defaults]
@@ -6320,6 +6327,7 @@ CVE-2014-0132 (The SASL authentication functionality in 389 Directory Server bef
 	- 389-ds-base 1.3.2.9-1.1 (bug #741600)
 CVE-2014-0131 (Use-after-free vulnerability in the skb_segment function in ...)
 	- linux 3.13.6-1
+	[wheezy] - linux 3.2.57-1
 	- linux-2.6 <removed>
 	NOTE: http://marc.info/?l=linux-netdev&m=139446896921968&w=2
 CVE-2014-0130
@@ -6415,6 +6423,7 @@ CVE-2014-0102 (The keyring_detect_cycle_iterator function in security/keys/keyri
 CVE-2014-0101 (The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the ...)
 	{DSA-2906-1}
 	- linux 3.13.6-1
+	[wheezy] - linux 3.2.57-1
 	- linux-2.6 <removed>
 	NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bbd0d59809f923ea2b540cbd781b32110e249f6e
 	NOTE: http://patchwork.ozlabs.org/patch/325898/
@@ -6497,6 +6506,7 @@ CVE-2014-0078
 	RESERVED
 CVE-2014-0077 (drivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable ...)
 	- linux 3.13.10-1
+	[wheezy] - linux 3.2.57-1
 	- linux-2.6 <not-affected> (Vulnerable code not present)
 	NOTE: seems introduced in https://github.com/torvalds/linux/commit/8dd014adfea6f173c1ef6378f7e5e7924866c923
 	NOTE: qemu is built with support for vhost_net, module loaded post-wheezy when linux < 3.4 but root:root 0600
@@ -6521,6 +6531,7 @@ CVE-2014-0070
 	REJECTED
 CVE-2014-0069 (The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel ...)
 	- linux 3.13.6-1 (bug #741958)
+	[wheezy] - linux 3.2.57-1
 	- linux-2.6 <not-affected> (Only affects 2.6.38 and later)
 	NOTE: http://article.gmane.org/gmane.linux.kernel.cifs/9401
 	NOTE: upstream fix 5d81de8e8667da7135d3a32a964087c0faf5483f included in v3.14-rc4
@@ -6589,6 +6600,7 @@ CVE-2014-0056 [Routers can be cross plugged by other tenants]
 	- neutron 2013.2.2-4 (bug #742800)
 CVE-2014-0055 (The get_rx_bufs function in drivers/vhost/net.c in the vhost-net ...)
 	- linux 3.13.10-1
+	[wheezy] - linux 3.2.57-1
 	- linux-2.6 <not-affected> (Vulnerable code not present)
 	NOTE: introduced in https://github.com/torvalds/linux/commit/8dd014adfea6f173c1ef6378f7e5e7924866c923
 	NOTE: qemu is built with support for vhost_net, module loaded post-wheezy when linux < 3.4 but root:root 0600
@@ -6662,7 +6674,7 @@ CVE-2014-0033 (org/apache/catalina/connector/CoyoteAdapter.java in Apache Tomcat
 CVE-2014-0032 (The get_resource function in repos.c in the mod_dav_svn module in ...)
 	- subversion 1.8.8-1 (low; bug #737815)
 	[squeeze] - subversion <no-dsa> (Minor issue)
-	[wheezy] - subversion <no-dsa> (Minor issue)
+	[wheezy] - subversion 1.6.17dfsg-4+deb7u5
 CVE-2014-0031 (The (1) ListNetworkACL and (2) listNetworkACLLists APIs in Apache ...)
 	NOT-FOR-US: Apache CloudStack
 CVE-2014-0030
author	Salvatore Bonaccorso <carnil@debian.org>	2014-04-26 11:15:31 +0000
committer	Salvatore Bonaccorso <carnil@debian.org>	2014-04-26 11:15:31 +0000
commit	7138aff58e7503e146404259796a1b66a06d396f (patch)
tree	f65d7c55c23294e4ce715cad00d4e05d6c09a268 /data/CVE
parent	f0eba0203640b361f4d203ccbf178c7e20becb35 (diff)