[Secure-testing-commits] r32340 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Thu Feb 19 09:16:11 UTC 2015
Author: sectracker
Date: 2015-02-19 09:12:19 +0000 (Thu, 19 Feb 2015)
New Revision: 32340
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-02-19 06:27:10 UTC (rev 32339)
+++ data/CVE/list 2015-02-19 09:12:19 UTC (rev 32340)
@@ -661,6 +661,7 @@
NOT-FOR-US: FlexPaper
CVE-2015-1593 [Linux ASLR integer overflow]
RESERVED
+ {DLA-155-1}
- linux <unfixed>
- linux-2.6 <removed>
NOTE: http://hmarco.org/bugs/linux-ASLR-integer-overflow.html
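Review bot: The {DLA-155-1} tag added under CVE-2015-1593 sits on an entry whose only package lines are `- linux <unfixed>` and `- linux-2.6 <removed>`, so the entry itself does not say which release or version the advisory fixes. If the tracker does not derive that from the advisory record, a release-tagged line in the style of `[wheezy] - linux 3.2.65-1` (used elsewhere in this file) would make the fixed version explicit.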
@@ -1481,6 +1482,7 @@
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=981942
CVE-2015-1421 [net: sctp: slab corruption from use after free on INIT collisions]
RESERVED
+ {DLA-155-1}
- linux 3.16.7-ckt4-3
- linux-2.6 <removed>
NOTE: Upstream fix: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=600ddd6825543962fb807884169e57b580dba208
@@ -1516,6 +1518,7 @@
RESERVED
CVE-2015-1349 [bind9 crash in trust anchor management]
RESERVED
+ {DSA-3162-1}
- bind9 1:9.9.5.dfsg-9 (low; bug #778733)
CVE-2015-1348 (Heap-based buffer overflow in Aruba Instant (IAP) with firmware before ...)
NOT-FOR-US: Aruba Instant
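Review bot: In the CVE-2015-1349 entry, the new {DSA-3162-1} reference is attached while the package line still reads `(low; bug #778733)` and the entry is still RESERVED with only a bracketed working title. Worth confirming that the `low` urgency is still intended now that the entry is linked to a DSA.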
@@ -3709,6 +3712,7 @@
CVE-2015-0565
RESERVED
CVE-2014-9585 (The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel ...)
+ {DLA-155-1}
- linux 3.16.7-ckt4-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/tip/tip.git/commit/?id=fbe1bf140671619508dfa575d74a185ae53c5dbb
@@ -4193,7 +4197,7 @@
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://www.mantisbt.org/bugs/view.php?id=9885
CVE-2014-9584 (The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the ...)
- {DSA-3128-1}
+ {DSA-3128-1 DLA-155-1}
- linux 3.16.7-ckt4-1
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/linus/4e2024624e678f0ebb916e6192bd23c1f9fdf696 (v3.19-rc3)
@@ -4967,6 +4971,7 @@
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/arch/x86?id=f647d7c155f069c1a068030255c300663516420e (v3.19-rc1)
CVE-2014-9420 (The rock_continue function in fs/isofs/rock.c in the Linux kernel ...)
+ {DLA-155-1}
- linux 3.16.7-ckt4-1
[wheezy] - linux 3.2.65-1
- linux-2.6 <removed>
@@ -9097,6 +9102,7 @@
[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl)
CVE-2014-8160 [iptables restriction bypass if a protocol handler kernel module not loaded]
RESERVED
+ {DLA-155-1}
- linux 3.16.7-ckt4-1
- linux-2.6 <removed>
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=db29a9508a9246e77087c5531e45b2c88ec6988b (v3.18-rc1)
@@ -9207,12 +9213,13 @@
NOTE: Upstream fix: http://libvirt.org/git/?p=libvirt.git;a=commit;h=87b9437f8951f9d24f9a85c6bbfff0e54df8c984 (v1.2.11-rc1)
NOTE: Introduced by http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=4a85bf3e2fa703fdc14e8c49d5017ef04832a1d7 (v1.2.8-rc1)
CVE-2014-8134 (The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux ...)
+ {DLA-155-1}
- linux 3.16.7-ckt4-1
[wheezy] - linux 3.2.65-1
- linux-2.6 <removed>
NOTE: http://www.spinics.net/lists/kvm/msg111458.html
CVE-2014-8133 (arch/x86/kernel/tls.c in the Thread Local Storage (TLS) implementation ...)
- {DSA-3128-1}
+ {DSA-3128-1 DLA-155-1}
- linux 3.16.7-ckt4-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/arch/x86?id=41bdc78544b8a93a9c6814b8bbbfef966272abbe
@@ -10167,6 +10174,7 @@
NOTE: Fixed by http://libvirt.org/git/?p=libvirt.git;a=commit;h=b1674ad5a97441b7e1bd5f5ebaff498ef2fbb11b
CVE-2014-7822 [splice: lack of generic write checks]
RESERVED
+ {DLA-155-1}
- linux 3.16.2-1
- linux-2.6 <removed>
NOTE: Upstream fixes: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8d0207652cbe27d1f962050737848e5ad4671958 (v3.16-rc1)
@@ -31136,7 +31144,7 @@
CVE-2012-6608 (Cross-site scripting (XSS) vulnerability in xmlservices/E_book.php in ...)
NOT-FOR-US: Elastix
CVE-2013-6885 (The microcode on AMD 16h 00h through 0Fh processors does not properly ...)
- {DSA-3128-1}
+ {DSA-3128-1 DLA-155-1}
- linux 3.14.2-1
- linux-2.6 <removed>
NOTE: https://lkml.org/lkml/2014/1/14/198