[Secure-testing-commits] r38436 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2015-12-19 21:38:58 +0000 (Sat, 19 Dec 2015)
New Revision: 38436

Modified:
   data/CVE/list
Log:
Add src:mono for CVE-2009-0689

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-12-19 19:22:00 UTC (rev 38435)
+++ data/CVE/list	2015-12-19 21:38:58 UTC (rev 38436)
@@ -130382,6 +130382,9 @@
 	- kdelibs 4:3.5.10.dfsg.1-3 (medium; bug #559265)
 	- kde4libs 4:4.3.4-1 (medium; bug #559266)
 	[lenny] - kde4libs <no-dsa> (Only uses by a few packages in Lenny, hardly any attack vector)
+	- mono 4.2.1.102+dfsg2-4
+	NOTE: http://www.mono-project.com/docs/about-mono/vulnerabilities/
+	NOTE: https://gist.github.com/directhex/01e853567fd2cc74ed39
 CVE-2009-0688 (Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 ...)
 	{DSA-1807-1 DTSA-200-1 DTSA-201-1}
 	- cyrus-sasl2 2.1.23.dfsg1-1 (bug #528749)