[Secure-testing-commits] r33961 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed Apr 29 19:51:56 UTC 2015


Author: carnil
Date: 2015-04-29 19:51:56 +0000 (Wed, 29 Apr 2015)
New Revision: 33961

Modified:
   data/CVE/list
Log:
Add four clamav CVEs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-04-29 19:12:20 UTC (rev 33960)
+++ data/CVE/list	2015-04-29 19:51:56 UTC (rev 33961)
@@ -1952,8 +1952,9 @@
 	RESERVED
 CVE-2015-2669
 	RESERVED
-CVE-2015-2668
+CVE-2015-2668 [Infinite loop condition on a crafted "xz" archive file]
 	RESERVED
+	- clamav <unfixed>
 CVE-2015-2667
 	RESERVED
 CVE-2015-2665
@@ -3190,10 +3191,12 @@
 	RESERVED
 CVE-2015-2223 (Multiple cross-site scripting (XSS) vulnerabilities in Palo Alto ...)
 	NOT-FOR-US: Palo Alto Networks Traps
-CVE-2015-2222
+CVE-2015-2222 [Crash on crafted petite packed file]
 	RESERVED
-CVE-2015-2221
+	- clamav <unfixed>
+CVE-2015-2221 [Infinite loop condition on crafted y0da cryptor file]
 	RESERVED
+	- clamav <unfixed>
 CVE-2015-2220 (Multiple cross-site scripting (XSS) vulnerabilities in the Ninja Forms ...)
 	NOT-FOR-US: Ninja Forms plugin for WordPress
 CVE-2015-2219
@@ -3340,8 +3343,9 @@
 	- zope2.12 2.12.10-1
 CVE-2015-2171 (Middleware/SessionCookie.php in Slim before 2.6.0 allows remote ...)
 	NOT-FOR-US: Slim PHP Framework
-CVE-2015-2170
+CVE-2015-2170 [Crash in upx decoder with crafted file]
 	RESERVED
+	- clamav <unfixed>
 CVE-2015-2169
 	RESERVED
 CVE-2015-2168




More information about the Secure-testing-commits mailing list