[Secure-testing-commits] r30609 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Tue Dec 9 09:10:19 UTC 2014 

Author: sectracker
Date: 2014-12-09 09:10:19 +0000 (Tue, 09 Dec 2014)
New Revision: 30609

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-12-09 09:04:53 UTC (rev 30608)
+++ data/CVE/list	2014-12-09 09:10:19 UTC (rev 30609)
@@ -819,7 +819,7 @@
 	RESERVED
 	- libjpeg-turbo 1:1.3.1-11 (bug #768369)
 CVE-2014-9090 (The do_double_fault function in arch/x86/kernel/traps.c in the Linux ...)
-	{DSA-3093-1}
+	{DSA-3093-1 DLA-103-1}
 	- linux 3.16.7-ckt2-1
 	- linux-2.6 <removed>
 	NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6f442be2fb22be02cafa606f1769fa1e6f894441 (v3.18-rc6)
@@ -7659,6 +7659,7 @@
 	- linux-2.6 <removed>
 	NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c03aa9f6e1f938618e6db2e23afef0574efeeb65 (v3.17-rc5)
 CVE-2012-6657 (The sock_setsockopt function in net/core/sock.c in the Linux kernel ...)
+	{DLA-103-1}
 	- linux 3.6.4-1
 	[wheezy] - linux 3.2.32-1
 	- linux-2.6 <removed>
@@ -9812,6 +9813,7 @@
 CVE-2009-5142 (Cross-site scripting (XSS) vulnerability in timthumb.php in TimThumb ...)
 	NOT-FOR-US: TimThumb
 CVE-2014-5472 (The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the ...)
+	{DLA-103-1}
 	- linux 3.16.2-1
 	[wheezy] - linux 3.2.63-1
 	- linux-2.6 <removed>
@@ -9819,6 +9821,7 @@
 	NOTE: https://github.com/torvalds/linux/commit/410dd3cf4c9b36f27ed4542ee18b1af5e68645a4
 	NOTE: commit contained first in v3.17-rc2
 CVE-2014-5471 (Stack consumption vulnerability in the parse_rock_ridge_inode_internal ...)
+	{DLA-103-1}
 	- linux 3.16.2-1
 	[wheezy] - linux 3.2.63-1
 	- linux-2.6 <removed>
@@ -10751,6 +10754,7 @@
 CVE-2014-5116 (The cairo_image_surface_get_data function in Cairo 1.10.2, as used in ...)
 	NOTE: This is non-security bug in Wireshark, not in Cairo
 CVE-2014-5077 (The sctp_assoc_update function in net/sctp/associola.c in the Linux ...)
+	{DLA-103-1}
 	- linux 3.14.15-1
 	[wheezy] - linux 3.2.63-1
 	- linux-2.6 <removed>
@@ -11066,7 +11070,7 @@
 CVE-2014-4944 (Multiple SQL injection vulnerabilities in inc/bsk-pdf-dashboard.php in ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2014-4943 (The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel ...)
-	{DSA-2992-1}
+	{DSA-2992-1 DLA-103-1}
 	- linux 3.14.13-1
 	- linux-2.6 <removed>
 	NOTE: upstream commit: https://git.kernel.org/linus/3cf521f7dc87c031617fd47e4b7aa2593c2f3daf
@@ -11734,14 +11738,17 @@
 	- linux-2.6 <removed>
 	[squeeze] - linux-2.6 2.6.32-48squeeze8
 CVE-2014-4655 (The snd_ctl_elem_add function in sound/core/control.c in the ALSA ...)
+	{DLA-103-1}
 	- linux 3.14.9-1
 	[wheezy] - linux 3.2.60-1
 	- linux-2.6 <removed>
 CVE-2014-4654 (The snd_ctl_elem_add function in sound/core/control.c in the ALSA ...)
+	{DLA-103-1}
 	- linux 3.14.9-1
 	[wheezy] - linux 3.2.60-1
 	- linux-2.6 <removed>
 CVE-2014-4653 (sound/core/control.c in the ALSA control implementation in the Linux ...)
+	{DLA-103-1}
 	- linux 3.14.9-1
 	[wheezy] - linux 3.2.60-1
 	- linux-2.6 <removed>
@@ -12118,6 +12125,7 @@
 	[wheezy] - apt-cacher-ng <no-dsa> (Minor issue)
 	[squeeze] - apt-cacher-ng <no-dsa> (Minor issue)
 CVE-2014-4508 (arch/x86/kernel/entry_32.S in the Linux kernel through 3.15.1 on ...)
+	{DLA-103-1}
 	- linux 3.14.9-1
 	[wheezy] - linux 3.2.60-1
 	- linux-2.6 <removed>
@@ -13207,6 +13215,7 @@
 	- neutron 2014.1.1-1 (bug #752021)
 	NOTE: https://launchpad.net/bugs/1309195
 CVE-2014-4157 (arch/mips/include/asm/thread_info.h in the Linux kernel before 3.14.8 ...)
+	{DLA-103-1}
 	- linux 3.14.7-1 (bug #751417)
 	[wheezy] - linux 3.2.60-1
 	- linux-2.6 <not-affected> (squeeze-lts only covers x86)
@@ -21989,6 +21998,7 @@
 	NOTE: upstream fix: https://git.kernel.org/linus/f3d3342602f8bcbf37d7c46641cb9bca7618eb1c
 	NOTE: included in https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4
 CVE-2013-7266 (The mISDN_sock_recvmsg function in drivers/isdn/mISDN/socket.c in the ...)
+	{DLA-103-1}
 	- linux-2.6 <removed>
 	[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport)
 	- linux 3.12.6-1
@@ -43758,6 +43768,7 @@
 CVE-2013-0229 (The ProcessSSDPRequest function in minissdp.c in the SSDP handler in ...)
 	- miniupnpd <not-affected> (Fixed before initial upload to archive)
 CVE-2013-0228 (The xen_iret function in arch/x86/xen/xen-asm_32.S in the Linux kernel ...)
+	{DLA-103-1}
 	- linux 3.2.39-1
 	- linux-2.6 <removed>
 	[squeeze] - linux-2.6 2.6.32-48

More information about the Secure-testing-commits mailing list