[Secure-testing-commits] r36092 - in data: . CVE

[Moritz Muehlenhoff]

Author: jmm
Date: 2015-08-15 23:38:07 +0000 (Sat, 15 Aug 2015)
New Revision: 36092

Modified:
   data/CVE/list
   data/embedded-code-copies
Log:
new wireshark issues
mark audit as unimportant


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-08-15 21:10:13 UTC (rev 36091)
+++ data/CVE/list	2015-08-15 23:38:07 UTC (rev 36092)
@@ -1,3 +1,30 @@
+CVE-2015-XXXX [wnpa 2015-21]
+	- wireshark 1.12.7+g7fc8978-1
+	NOTE: https://www.wireshark.org/security/wnpa-sec-2015-21.html
+CVE-2015-XXXX [wnpa 2015-22]
+	- wireshark 1.12.7+g7fc8978-1
+	NOTE: https://www.wireshark.org/security/wnpa-sec-2015-22.html
+CVE-2015-XXXX [wnpa 2015-23]
+	- wireshark 1.12.7+g7fc8978-1
+	NOTE: https://www.wireshark.org/security/wnpa-sec-2015-23.html
+CVE-2015-XXXX [wnpa 2015-24]
+	- wireshark 1.12.7+g7fc8978-1
+	NOTE: https://www.wireshark.org/security/wnpa-sec-2015-24.html
+CVE-2015-XXXX [wnpa 2015-25]
+	- wireshark 1.12.7+g7fc8978-1
+	NOTE: https://www.wireshark.org/security/wnpa-sec-2015-25.html
+CVE-2015-XXXX [wnpa 2015-26]
+	- wireshark 1.12.7+g7fc8978-1
+	NOTE: https://www.wireshark.org/security/wnpa-sec-2015-26.html
+CVE-2015-XXXX [wnpa 2015-27]
+	- wireshark 1.12.7+g7fc8978-1
+	NOTE: https://www.wireshark.org/security/wnpa-sec-2015-27.html
+CVE-2015-XXXX [wnpa 2015-28]
+	- wireshark 1.12.7+g7fc8978-1
+	NOTE: https://www.wireshark.org/security/wnpa-sec-2015-28.html
+CVE-2015-XXXX [wnpa 2015-29]
+	- wireshark 1.12.7+g7fc8978-1
+	NOTE: https://www.wireshark.org/security/wnpa-sec-2015-29.html
 CVE-2015-5986
 	RESERVED
 CVE-2015-XXXX [denial of service with unusual traffic]
@@ -91,6 +118,7 @@
 	NOT-FOR-US: Mozilla Firefox OS
 CVE-2015-XXXX [allows access to a connected USB printer via all configured network addresses]
 	- ippusbxd 1.22-1 (bug #795162)
+	[jessie] - ippusbxd <no-dsa> (Minor issue)
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/08/11/1
 	NOTE: https://github.com/tillkamppeter/ippusbxd/commit/46844402bca7a38fc224483ba6f0a93c4613203f
 	NOTE: https://github.com/tillkamppeter/ippusbxd/commit/a632841f8e65d402e13e81921515f5a1e2736c82
@@ -2010,10 +2038,8 @@
 	NOT-FOR-US: candleping
 CVE-2015-5186 [log terminal emulator escape sequences handling]
 	RESERVED
-	- audit <unfixed> (bug #795457)
-	[jessie] - audit <no-dsa> (Minor issue)
-	[wheezy] - audit <no-dsa> (Minor issue)
-	[squeeze] - audit <no-dsa> (Minor issue)
+	- audit <unfixed> (unimportant; bug #795457)
+	NOTE: Hardening, not a vulnerability. This is treated as a vulnerability in terminal emulators
 	NOTE: https://fedorahosted.org/audit/changeset/1122
 CVE-2015-5185
 	RESERVED

Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies	2015-08-15 21:10:13 UTC (rev 36091)
+++ data/embedded-code-copies	2015-08-15 23:38:07 UTC (rev 36092)
@@ -2735,6 +2735,9 @@
 flowplayer-core (not packaged in Debian)
 	- mahara <unfixed> (modified-embed)
 
+rawspeed
+        - darktable <unfixed>
+
 dcraw
 	- ufraw <unfixed>
 	- libraw <unfixed>