[Secure-testing-commits] r30437 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Nov 29 13:24:00 UTC 2014
Author: carnil
Date: 2014-11-29 13:24:00 +0000 (Sat, 29 Nov 2014)
New Revision: 30437
Modified:
data/CVE/list
Log:
CVE-2014-9140/tcpdump
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-11-29 12:47:24 UTC (rev 30436)
+++ data/CVE/list 2014-11-29 13:24:00 UTC (rev 30437)
@@ -1,5 +1,8 @@
CVE-2014-XXXX [nvi: insecure use of /var/tmp in postinst]
- nvi <unfixed> (bug #771375)
+CVE-2014-9140 [buffer overflow in the PPP dissector]
+ - tcpdump 4.6.2-3
+ NOTE: https://github.com/the-tcpdump-group/tcpdump/commit/0f95d441e4b5d7512cc5c326c8668a120e048eda
CVE-2014-9130 [denial-of-service/application crash with untrusted yaml input]
- libyaml 0.1.6-3 (bug #771366)
- libyaml-libyaml-perl 0.41-6 (bug #771365)
More information about the Secure-testing-commits
mailing list