[Secure-testing-commits] r38506 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Dec 24 05:21:50 UTC 2015
Author: carnil
Date: 2015-12-24 05:21:50 +0000 (Thu, 24 Dec 2015)
New Revision: 38506
Modified:
data/CVE/list
Log:
Add CVE-2015-8659/nghttp2
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-12-24 05:16:25 UTC (rev 38505)
+++ data/CVE/list 2015-12-24 05:21:50 UTC (rev 38506)
@@ -406,6 +406,10 @@
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=acff81ec2c79492b180fade3c2894425cd35a545 (v4.4-rc4)
NOTE: OverlayFS introduced in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e9be9d5e76e34872f0c37d72e25bc27fe9e2c54c (v3.18-rc2)
NOTE: http://www.openwall.com/lists/oss-security/2015/12/23/5
+CVE-2015-8659 [Use after free]
+ - nghttp2 <unfixed>
+ NOTE: https://nghttp2.org/blog/2015/12/23/nghttp2-v1-6-0/
+ TODO: check versions
CVE-2015-8628
- mediawiki <removed>
NOTE: https://phabricator.wikimedia.org/T109724
More information about the Secure-testing-commits
mailing list