[Secure-testing-commits] r36306 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed Aug 26 05:25:47 UTC 2015 

Author: carnil
Date: 2015-08-26 05:25:47 +0000 (Wed, 26 Aug 2015)
New Revision: 36306

Modified:
   data/CVE/list
Log:
Update entries for fixes in libxml2 with unstable upload

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-08-26 05:00:42 UTC (rev 36305)
+++ data/CVE/list	2015-08-26 05:25:47 UTC (rev 36306)
@@ -8457,13 +8457,13 @@
 	NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8b01fc86b9f425899f8a3a8fc1c47d73c2c20543
 	NOTE: http://www.openwall.com/lists/oss-security/2015/04/20/1
 CVE-2015-XXXX [out-of-bounds memory access]
-	- libxml2 <unfixed> (bug #783010)
+	- libxml2 2.9.2+really2.9.1+dfsg1-0.1 (bug #783010)
 	[squeeze] - libxml2 2.7.8.dfsg-2+squeeze12
 	NOTE: Added workaround item to reflect entry fixed status, remove once CVE assigned
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=744980
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/04/19/5
 CVE-2015-XXXX [out-of-bounds memory access when parsing an unclosed HTML comment]
-	- libxml2 <unfixed> (bug #782985)
+	- libxml2 2.9.2+really2.9.1+dfsg1-0.1 (bug #782985)
 	[squeeze] - libxml2 2.7.8.dfsg-2+squeeze12
 	NOTE: Added workaround item to reflect entry fixed status, remove once CVE assigned
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/04/19/4
@@ -13147,7 +13147,7 @@
 	NOTE: Patch: https://github.com/rest-client/rest-client/pull/365.patch (will need new dependency to ruby-http-cookie)
 CVE-2015-1819 (The xmlreader in libxml allows remote attackers to cause a denial of ...)
 	{DLA-266-1}
-	- libxml2 <unfixed> (low; bug #782782)
+	- libxml2 2.9.2+really2.9.1+dfsg1-0.1 (low; bug #782782)
 	NOTE: https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9
 	NOTE: Concerns by Florian Weimer: https://bugzilla.gnome.org/show_bug.cgi?id=748278
 CVE-2015-1818 (XML external entity (XXE) vulnerability in the dashbuilder import ...)

More information about the Secure-testing-commits mailing list