[Secure-testing-commits] r38326 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Dec 15 18:06:43 UTC 2015


Author: carnil
Date: 2015-12-15 18:06:43 +0000 (Tue, 15 Dec 2015)
New Revision: 38326

Modified:
   data/CVE/list
Log:
Add CVE-2015-5259/subversion

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-12-15 17:50:36 UTC (rev 38325)
+++ data/CVE/list	2015-12-15 18:06:43 UTC (rev 38326)
@@ -10375,8 +10375,13 @@
 	RESERVED
 	{DSA-3371-1}
 	- spice 0.12.5-1.3 (bug #801089)
-CVE-2015-5259
+CVE-2015-5259 [Remotely triggerable heap overflow and out-of-bounds read caused by integer overflow in the svn:// protocol parser]
 	RESERVED
+	- subversion <unfixed>
+	[jessie] - subversion <not-affected> (Only affects 1.9.0 through 1.9.2 (inclusive))
+	[wheezy] - subversion <not-affected> (Only affects 1.9.0 through 1.9.2 (inclusive))
+	[squeeze] - subversion <not-affected> (Only affects 1.9.0 through 1.9.2 (inclusive))
+	NOTE: https://subversion.apache.org/security/CVE-2015-5259-advisory.txt
 CVE-2015-5258
 	RESERVED
 CVE-2015-5257 (drivers/usb/serial/whiteheat.c in the Linux kernel before 4.2.4 allows ...)




More information about the Secure-testing-commits mailing list