[Secure-testing-commits] r29909 - data/CVE

Joey Hess joeyh at moszumanska.debian.org
Fri Nov 7 21:14:27 UTC 2014 

Author: joeyh
Date: 2014-11-07 21:14:27 +0000 (Fri, 07 Nov 2014)
New Revision: 29909

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-11-07 18:15:07 UTC (rev 29908)
+++ data/CVE/list	2014-11-07 21:14:27 UTC (rev 29909)
@@ -317,6 +317,7 @@
 	RESERVED
 CVE-2014-8476 [getlogin kernel memory disclosure]
 	RESERVED
+	{DSA-3070-1}
 	- kfreebsd-10 <unfixed> (bug #768108)
 	- kfreebsd-9 <removed> (bug #768104)
 	- kfreebsd-8 <removed> (bug #768106)
@@ -351,7 +352,7 @@
 	RESERVED
 CVE-2014-8483 [out-of-bounds read on a heap-allocated array]
 	RESERVED
-	{DSA-3063-1}
+	{DSA-3068-1 DSA-3063-1}
 	- quassel <unfixed> (bug #766962)
 	NOTE: https://github.com/quassel/quassel/commit/8b5ecd226f9208af3074b33d3b7cf5e14f55b138
 	NOTE: http://bugs.quassel-irc.org/issues/1314
@@ -8126,7 +8127,7 @@
 	- tor 0.2.4.23-1
 	[squeeze] - tor 0.2.4.23-1~deb6u1
 CVE-2014-5116 (The cairo_image_surface_get_data function in Cairo 1.10.2, as used in ...)
-        NOTE: This is non-security bug in Wireshark, not in Cairo
+	NOTE: This is non-security bug in Wireshark, not in Cairo
 CVE-2014-5077 (The sctp_assoc_update function in net/sctp/associola.c in the Linux ...)
 	- linux 3.14.15-1
 	[wheezy] - linux 3.2.63-1
@@ -10753,12 +10754,14 @@
 CVE-2014-3954 (Stack-based buffer overflow in rtsold in FreeBSD 9.1 through 10.1-RC2 ...)
 	NOT-FOR-US: FreeBSD rtsold
 CVE-2014-3953 (FreeBSD 8.4 before p14, 9.1 before p17, 9.2 before p10, and 10.0 ...)
+	{DSA-3070-1}
 	- kfreebsd-8 <removed>
 	[wheezy] - kfreebsd-8 <no-dsa> (kfreebsd-8 only a test kernel, will be fixed in a point update)
 	[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
 	- kfreebsd-9 <removed> (bug #754237)
 	- kfreebsd-10 10.1~svn272463-1
 CVE-2014-3952 (FreeBSD 8.4 before p14, 9.1 before p17, 9.2 before p10, and 10.0 ...)
+	{DSA-3070-1}
 	- kfreebsd-8 <removed>
 	[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
 	[wheezy] - kfreebsd-8 <no-dsa> (kfreebsd-8 only a test kernel, will be fixed in a point update)
@@ -11314,6 +11317,7 @@
 CVE-2014-3712 (Katello allows remote attackers to cause a denial foser service ...)
 	NOT-FOR-US: Katello
 CVE-2014-3711 (namei in FreeBSD 9.1 through 10.1-RC2 allows remote attackers to cause ...)
+	{DSA-3070-1}
 	- kfreebsd-9 <removed> (bug #766275)
 	- kfreebsd-10 10.1~svn273874-1 (bug #766278)
 CVE-2014-3710 [out-of-bounds read in elf note headers]
@@ -11332,6 +11336,7 @@
 	NOTE: affected versions up to 2014.1.3, and 2014.2
 CVE-2014-3707 [duphandle read out of bounds]
 	RESERVED
+	{DSA-3069-1}
 	- curl 7.38.0-3
 	NOTE: http://curl.haxx.se/docs/adv_20141105.html
 	NOTE: Upstream commit: https://github.com/bagder/curl/commit/b3875606925536f82fc61f3114ac42f29eaf6945

More information about the Secure-testing-commits mailing list