[Secure-testing-commits] r38112 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Fri Dec 4 21:11:01 UTC 2015
Author: sectracker
Date: 2015-12-04 21:11:01 +0000 (Fri, 04 Dec 2015)
New Revision: 38112
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-12-04 18:33:30 UTC (rev 38111)
+++ data/CVE/list 2015-12-04 21:11:01 UTC (rev 38112)
@@ -1,3 +1,5 @@
+CVE-2015-8465
+ RESERVED
CVE-2015-XXXX [Open Redirect vulnerability]
- redmine <unfixed>
NOTE: http://www.redmine.org/projects/redmine/wiki/Security_Advisories
@@ -1028,14 +1030,12 @@
[wheezy] - redis <not-affected> (Vulnerable code not present)
[squeeze] - redis <not-affected> (Vulnerable code not present)
NOTE: https://github.com/antirez/redis/issues/2855
-CVE-2015-8078 [integer overflow in the section_offset addition after the c21e179c1f6b968fe69bebe079176714e511587b fix]
- RESERVED
+CVE-2015-8078 (Integer overflow in the index_urlfetch function in imap/index.c in ...)
- cyrus-imapd-2.4 <unfixed> (bug #804182)
[jessie] - cyrus-imapd-2.4 <not-affected> (Incomplete patch for CVE-2015-8076 not applied)
[wheezy] - cyrus-imapd-2.4 <not-affected> (Incomplete patch for CVE-2015-8076 not applied)
NOTE: https://cyrus.foundation/cyrus-imapd/commit/?id=6fb6a272171f49c79ba6ab7c6403eb25b39ec1b2
-CVE-2015-8077 [integer overflow in the start_octet addition after the 07de4ff1bf2fa340b9d77b8e7de8d43d47a33921 fix]
- RESERVED
+CVE-2015-8077 (Integer overflow in the index_urlfetch function in imap/index.c in ...)
- cyrus-imapd-2.4 <unfixed> (bug #804182)
[jessie] - cyrus-imapd-2.4 <not-affected> (Incomplete patch for CVE-2015-8076 not applied)
[wheezy] - cyrus-imapd-2.4 <not-affected> (Incomplete patch for CVE-2015-8076 not applied)
@@ -2936,8 +2936,7 @@
- nodejs 4.1.1~dfsg-3 (bug #800580)
[jessie] - nodejs <not-affected> (Vulnerability not present)
NOTE: https://groups.google.com/forum/#!topic/nodejs-sec/fSNEQiuof6I
-CVE-2015-8076 [urlfetch range handling flaw in Cyrus IMAP]
- RESERVED
+CVE-2015-8076 (The index_urlfetch function in index.c in Cyrus IMAP 2.3.x before ...)
- cyrus-imapd-2.4 2.4.17+nocaldav-2
NOTE: http://www.openwall.com/lists/oss-security/2015/09/29/2
NOTE: https://cyrus.foundation/cyrus-imapd/commit/?id=07de4ff1bf2fa340b9d77b8e7de8d43d47a33921
@@ -8627,8 +8626,7 @@
CVE-2015-5246
RESERVED
- foreman <itp> (bug #663101)
-CVE-2015-5245 [Ceph: Rados rest gateway returns requested bucket name raw in Bucket response header]
- RESERVED
+CVE-2015-5245 (CRLF injection vulnerability in the Ceph Object Gateway (aka radosgw ...)
[experimental] - ceph 0.94.3-1
- ceph 0.80.10-1 (bug #798567)
[jessie] - ceph <no-dsa> (Minor issue)
@@ -22353,13 +22351,11 @@
[squeeze] - rabbitmq-server <not-affected> (Management web UI not available in version 1.8.1)
CVE-2015-0861
RESERVED
-CVE-2015-0860 [off-by-one write access in dpkg-deb]
- RESERVED
+CVE-2015-0860 (Off-by-one error in the extracthalf function in dpkg-deb/extract.c in ...)
{DSA-3407-1}
- dpkg <unfixed>
[squeeze] - dpkg <not-affected> (Vulnerable code not present)
-CVE-2015-0859
- RESERVED
+CVE-2015-0859 (The Debian build procedure for the smokeping package in wheezy before ...)
{DSA-3405-1}
- smokeping 2.6.11-2
[squeeze] - smokeping <not-affected> (Vulnerable code not present)
More information about the Secure-testing-commits
mailing list