[Secure-testing-commits] r35235 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Mon Jun 29 21:10:14 UTC 2015 

Author: sectracker
Date: 2015-06-29 21:10:13 +0000 (Mon, 29 Jun 2015)
New Revision: 35235

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-06-29 20:54:19 UTC (rev 35234)
+++ data/CVE/list	2015-06-29 21:10:13 UTC (rev 35235)
@@ -833,9 +833,11 @@
 	NOTE: Introduced in: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0a14842f5a3c0e88a1e59fac5c3025db39721f74 (v3.0-rc1)
 CVE-2015-4696 [wmf2gd/wmf2eps use after free]
 	RESERVED
+	{DLA-257-1}
 	- libwmf <unfixed> (bug #784192)
 CVE-2015-4695 [meta_pen_create heap buffer overflow]
 	RESERVED
+	{DLA-257-1}
 	- libwmf <unfixed> (bug #784205)
 CVE-2015-4680 [insufficent CRL application]
 	RESERVED
@@ -3912,6 +3914,7 @@
 CVE-2015-3460
 	RESERVED
 CVE-2015-3905 (Buffer overflow in the set_cs_start function in t1disasm.c in t1utils ...)
+	{DLA-256-1}
 	- t1utils 1.38-4 (bug #779274)
 	NOTE: https://github.com/kohler/t1utils/issues/4
 	NOTE: http://www.openwall.com/lists/oss-security/2015/05/13/9
@@ -7219,7 +7222,7 @@
 	NOTE: Fixed by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f84598bd7c851f8b0bf8cd0d7c3be0d73c432ff4 (v4.0-rc1)
 	NOTE: http://www.openwall.com/lists/oss-security/2015/03/18/7
 CVE-2015-2684 (Shibboleth Service Provider (SP) before 2.5.4 allows remote ...)
-	{DSA-3207-1}
+	{DSA-3207-1 DLA-259-1}
 	- shibboleth-sp2 2.5.3+dfsg-2
 	NOTE: http://shibboleth.net/community/advisories/secadv_20150319.txt
 CVE-2015-2672 [unprivileged denial-of-service due to mis-protected xsave/xrstor instructions]
@@ -10355,6 +10358,7 @@
 	RESERVED
 CVE-2015-1330 [package auth bypass when using dpkg force-{confold,confnew}]
 	RESERVED
+	{DSA-3297-1}
 	- unattended-upgrades 0.86.1
 CVE-2015-1329
 	RESERVED
@@ -17131,7 +17135,7 @@
 CVE-2013-7410
 	RESERVED
 CVE-2010-5312 (Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the ...)
-	{DSA-3249-1}
+	{DSA-3249-1 DLA-258-1}
 	- jqueryui 1.10.1+dfsg-1
 	- owncloud <not-affected> (embedded copy, bug #722500, of version 1.10.1, already fixed)
 	NOTE: http://bugs.jqueryui.com/ticket/6016

More information about the Secure-testing-commits mailing list