[Secure-testing-commits] r31804 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Wed Jan 28 21:10:16 UTC 2015
Author: sectracker
Date: 2015-01-28 21:10:16 +0000 (Wed, 28 Jan 2015)
New Revision: 31804
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-01-28 20:47:27 UTC (rev 31803)
+++ data/CVE/list 2015-01-28 21:10:16 UTC (rev 31804)
@@ -3143,6 +3143,7 @@
CVE-2015-0419 (Unspecified vulnerability in the Siebel UI Framework component in ...)
NOT-FOR-US: Oracle
CVE-2015-0418 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+ {DSA-3143-1}
- virtualbox 4.3.2-dfsg-1 (low; bug #775888)
- virtualbox-ose <removed> (low)
NOTE: This only affects releases < 4.3, so marking the first 4.3 upload as the fixed version
@@ -3277,6 +3278,7 @@
CVE-2015-0378 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local users ...)
NOT-FOR-US: Oracle Sun Solaris
CVE-2015-0377 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
+ {DSA-3143-1}
- virtualbox 4.3.2-dfsg-1
- virtualbox-ose <removed>
NOTE: According to http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html the 4.3
@@ -7498,12 +7500,12 @@
NOTE: http://www.ocert.org/advisories/ocert-2015-001.html
CVE-2014-8156
RESERVED
- - fso-deviced 0.12.0-5
- - fso-datad 0.12.0-3
- - fso-frameworkd 0.9.5.9+git20110512-5
- - fso-gsmd 0.12.0-4
- - fso-usaged 0.12.0-3
- - phonefsod 0.1+git20121018-2
+ - fso-deviced 0.12.0-5
+ - fso-datad 0.12.0-3
+ - fso-frameworkd 0.9.5.9+git20110512-5
+ - fso-gsmd 0.12.0-4
+ - fso-usaged 0.12.0-3
+ - phonefsod 0.1+git20121018-2
CVE-2014-8155
RESERVED
CVE-2014-8154 [Heap-buffer overflow in vala-gstreamer bindings at Gst.MapInfo()]
@@ -7667,7 +7669,7 @@
CVE-2014-8119
RESERVED
CVE-2014-8118 (Integer overflow in RPM 4.12 and earlier allows remote attackers to ...)
- {DSA-3129-1}
+ {DSA-3129-1 DLA-140-1}
- rpm 4.11.3-1.1 (bug #773101)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1168715
CVE-2014-8117 (softmagic.c in file before 5.21 does not properly limit recursion, ...)
@@ -8136,8 +8138,8 @@
- ffmpeg 7:2.5.1-1
[squeeze] - ffmpeg <end-of-life>
- libav <unfixed>
- NOTE: Pending for 0.8.17
- NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=490a3ebf36821b81f73e34ad3f554cb523dd2682
+ NOTE: Pending for 0.8.17
+ NOTE: ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=490a3ebf36821b81f73e34ad3f554cb523dd2682
NOTE: libav: https://git.libav.org/?p=libav.git;a=commit;h=490a3ebf36821b81f73e34ad3f554cb523dd2682
CVE-2014-7932 (Use-after-free vulnerability in the Element::detach function in ...)
- chromium-browser 40.0.2214.91-1
@@ -30594,7 +30596,7 @@
[squeeze] - libvirt <not-affected> (vulnerable code not present, introduced in 1.1)
[wheezy] - libvirt <not-affected> (vulnerable code not present, introduced in 1.1)
CVE-2013-6435 (Race condition in RPM 4.11.1 and earlier allows remote attackers to ...)
- {DSA-3129-1}
+ {DSA-3129-1 DLA-140-1}
- rpm 4.11.3-1.1 (bug #773101)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1039811
CVE-2013-6434 (The remote-viewer in Red Hat Enterprise Virtualization Manager ...)
@@ -62962,6 +62964,7 @@
CVE-2012-0816
RESERVED
CVE-2012-0815 (The headerVerifyInfo function in lib/header.c in RPM before 4.9.1.3 ...)
+ {DLA-140-1}
- rpm 4.9.1.3-1 (bug #667031)
[squeeze] - rpm <no-dsa> (Minor issue)
CVE-2012-0814 (The auth_parse_options function in auth-options.c in sshd in OpenSSH ...)
@@ -65910,9 +65913,11 @@
CVE-2012-0062 (Red Hat JBoss Operations Network (JON) before 2.4.2 and 3.0.x before ...)
NOT-FOR-US: JBoss Operations Network
CVE-2012-0061 (The headerLoad function in lib/header.c in RPM before 4.9.1.3 does not ...)
+ {DLA-140-1}
- rpm 4.9.1.3-1 (bug #667031)
[squeeze] - rpm <no-dsa> (Minor issue)
CVE-2012-0060 (RPM before 4.9.1.3 does not properly validate region tags, which ...)
+ {DLA-140-1}
- rpm 4.9.1.3-1 (bug #667031)
[squeeze] - rpm <no-dsa> (Minor issue)
CVE-2012-0059 (Spacewalk-backend in Red Hat Network (RHN) Satellite and Proxy 5.4 ...)
More information about the Secure-testing-commits
mailing list