[Secure-testing-commits] r31804 - data/CVE

Wed Jan 28 21:10:16 UTC 2015

Author: sectracker
Date: 2015-01-28 21:10:16 +0000 (Wed, 28 Jan 2015)
New Revision: 31804

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2015-01-28 20:47:27 UTC (rev 31803)
+++ data/CVE/list	2015-01-28 21:10:16 UTC (rev 31804)
@@ -3143,6 +3143,7 @@
 CVE-2015-0419 (Unspecified vulnerability in the Siebel UI Framework component in ...)
 	NOT-FOR-US: Oracle
 CVE-2015-0418 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+	{DSA-3143-1}
 	- virtualbox 4.3.2-dfsg-1 (low; bug #775888)
 	- virtualbox-ose <removed> (low)
 	NOTE: This only affects releases < 4.3, so marking the first 4.3 upload as the fixed version
@@ -3277,6 +3278,7 @@
 CVE-2015-0378 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
 	NOT-FOR-US: Oracle Sun Solaris
 CVE-2015-0377 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+	{DSA-3143-1}
 	- virtualbox 4.3.2-dfsg-1
 	- virtualbox-ose <removed>
 	NOTE: According to http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html the 4.3
@@ -7498,12 +7500,12 @@
 	NOTE: http://www.ocert.org/advisories/ocert-2015-001.html
 CVE-2014-8156
 	RESERVED
-        - fso-deviced 0.12.0-5
-        - fso-datad 0.12.0-3
-        - fso-frameworkd 0.9.5.9+git20110512-5
-        - fso-gsmd 0.12.0-4
-        - fso-usaged 0.12.0-3
-        - phonefsod 0.1+git20121018-2
+	- fso-deviced 0.12.0-5
+	- fso-datad 0.12.0-3
+	- fso-frameworkd 0.9.5.9+git20110512-5
+	- fso-gsmd 0.12.0-4
+	- fso-usaged 0.12.0-3
+	- phonefsod 0.1+git20121018-2
 CVE-2014-8155
 	RESERVED
 CVE-2014-8154 [Heap-buffer overflow in vala-gstreamer bindings at Gst.MapInfo()]
@@ -7667,7 +7669,7 @@
 CVE-2014-8119
 	RESERVED
 CVE-2014-8118 (Integer overflow in RPM 4.12 and earlier allows remote attackers to ...)
-	{DSA-3129-1}
+	{DSA-3129-1 DLA-140-1}
 	- rpm 4.11.3-1.1 (bug #773101)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1168715
 CVE-2014-8117 (softmagic.c in file before 5.21 does not properly limit recursion, ...)
@@ -8136,8 +8138,8 @@
 	- ffmpeg 7:2.5.1-1
 	[squeeze] - ffmpeg <end-of-life>
 	- libav <unfixed>
-        NOTE: Pending for 0.8.17
-        NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=490a3ebf36821b81f73e34ad3f554cb523dd2682
+	NOTE: Pending for 0.8.17
+	NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=490a3ebf36821b81f73e34ad3f554cb523dd2682
 	NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=490a3ebf36821b81f73e34ad3f554cb523dd2682
 CVE-2014-7932 (Use-after-free vulnerability in the Element::detach function in ...)
 	- chromium-browser 40.0.2214.91-1
@@ -30594,7 +30596,7 @@
 	[squeeze] - libvirt <not-affected> (vulnerable code not present, introduced in 1.1)
 	[wheezy] - libvirt <not-affected> (vulnerable code not present, introduced in 1.1)
 CVE-2013-6435 (Race condition in RPM 4.11.1 and earlier allows remote attackers to ...)
-	{DSA-3129-1}
+	{DSA-3129-1 DLA-140-1}
 	- rpm 4.11.3-1.1 (bug #773101)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1039811
 CVE-2013-6434 (The remote-viewer in Red Hat Enterprise Virtualization Manager ...)
@@ -62962,6 +62964,7 @@
 CVE-2012-0816
 	RESERVED
 CVE-2012-0815 (The headerVerifyInfo function in lib/header.c in RPM before 4.9.1.3 ...)
+	{DLA-140-1}
 	- rpm 4.9.1.3-1 (bug #667031)
 	[squeeze] - rpm <no-dsa> (Minor issue)
 CVE-2012-0814 (The auth_parse_options function in auth-options.c in sshd in OpenSSH ...)
@@ -65910,9 +65913,11 @@
 CVE-2012-0062 (Red Hat JBoss Operations Network (JON) before 2.4.2 and 3.0.x before ...)
 	NOT-FOR-US: JBoss Operations Network
 CVE-2012-0061 (The headerLoad function in lib/header.c in RPM before 4.9.1.3 does not ...)
+	{DLA-140-1}
 	- rpm 4.9.1.3-1 (bug #667031)
 	[squeeze] - rpm <no-dsa> (Minor issue)
 CVE-2012-0060 (RPM before 4.9.1.3 does not properly validate region tags, which ...)
+	{DLA-140-1}
 	- rpm 4.9.1.3-1 (bug #667031)
 	[squeeze] - rpm <no-dsa> (Minor issue)
 CVE-2012-0059 (Spacewalk-backend in Red Hat Network (RHN) Satellite and Proxy 5.4 ...)


