[Secure-testing-commits] r38398 - data/CVE

Raphaël Hertzog hertzog at moszumanska.debian.org
Thu Dec 17 20:50:15 UTC 2015


Author: hertzog
Date: 2015-12-17 20:50:14 +0000 (Thu, 17 Dec 2015)
New Revision: 38398

Modified:
   data/CVE/list
Log:
Mark libnsbmp/libnsgif issues as no-dsa on squeeze

And filed bugs to get the package removed from Debian.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-12-17 20:50:04 UTC (rev 38397)
+++ data/CVE/list	2015-12-17 20:50:14 UTC (rev 38398)
@@ -4521,18 +4521,22 @@
 CVE-2015-7508 [heap overflow]
 	RESERVED
 	- libnsbmp <unfixed>
+	[squeeze] - libnsbmp <no-dsa> (Library not used anywhere in Debian)
 	TODO: check
 CVE-2015-7507 [out-of-bounds read]
 	RESERVED
 	- libnsbmp <unfixed>
+	[squeeze] - libnsbmp <no-dsa> (Library not used anywhere in Debian)
 	TODO: check
 CVE-2015-7506 [out-of-bounds read]
 	RESERVED
 	- libnsgif <unfixed>
+	[squeeze] - libnsgif <no-dsa> (Library not used anywhere in Debian)
 	TODO: check
 CVE-2015-7505 [stack overflow]
 	RESERVED
 	- libnsgif <unfixed>
+	[squeeze] - libnsgif <no-dsa> (Library not used anywhere in Debian)
 	TODO: check
 CVE-2015-7504 [net: pcnet: heap overflow vulnerability in loopback mode]
 	RESERVED




More information about the Secure-testing-commits mailing list