[Secure-testing-commits] r32576 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Mar 2 11:51:58 UTC 2015
Author: carnil
Date: 2015-03-02 11:51:58 +0000 (Mon, 02 Mar 2015)
New Revision: 32576
Modified:
data/CVE/list
Log:
Add suricata and libhtp issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-03-02 09:43:54 UTC (rev 32575)
+++ data/CVE/list 2015-03-02 11:51:58 UTC (rev 32576)
@@ -1,3 +1,15 @@
+CVE-2015-XXXX [dcerpc: exit()'s on malloc failure]
+ - suricata <unfixed>
+ NOTE: https://github.com/inliniac/suricata/commit/89017d0b03bf715a3f4e11b612c6c7a23549304a
+ NOTE: Fixed in suricata 2.0.7 upstream
+ TODO: check
+CVE-2015-XXXX [http uri parsing issue]
+ - libhtp <unfixed>
+ - suricata <unfixed>
+ NOTE: https://redmine.openinfosecfoundation.org/issues/1391
+ NOTE: https://github.com/OISF/libhtp/commit/1a6c9465fb641f81460392f622d1878d5e87fc00
+ NOTE: Fixed in suricata 2.0.7 and Libhtp 0.5.17 upstream
+ TODO: check
CVE-2015-XXXX [MATTA-2015-002: Enforce acceptable range for Diffie-Hellman server value]
- putty 0.63-10
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/27/4
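Review bot: Both new CVE-2015-XXXX entries at the top of the list lack a reference to a CVE request, unlike the putty entry directly below them, which carries a "NOTE: CVE Request:" line. Without one it is hard to replace the placeholder id later, so add that note once a request exists. The dcerpc entry also links only a commit, while the http uri entry links both an issue and a commit; add the upstream issue there if one exists. Both entries record an upstream fix in 2.0.7 but stay "<unfixed>" with "TODO: check", so the affected Debian versions still need to be determined before the TODO can be dropped. Minor style point: "Libhtp 0.5.17" is capitalised differently from the package name "libhtp" used two lines above.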
@@ -3294,8 +3306,12 @@
NOT-FOR-US: SerVision HVG Video Gateway
CVE-2015-0929 (time.htm in the web interface on SerVision HVG Video Gateway devices ...)
NOT-FOR-US: SerVision HVG Video Gateway
-CVE-2015-0928
+CVE-2015-0928 [DCERPC traffic parsing issue]
RESERVED
+ - suricata <unfixed>
+ NOTE: https://redmine.openinfosecfoundation.org/issues/1385
+ NOTE: Commit: https://github.com/inliniac/suricata/commit/56196ace51395fcb2d8fc30d586e9ad782306d31
+ NOTE: Fixed upstream in 2.0.7
CVE-2015-0927
RESERVED
CVE-2015-0926 (Labtech before 100.237 on Linux uses world-writable permissions for ...)
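Review bot: The suricata line added under CVE-2015-0928 is marked "<unfixed>" with no "TODO: check", while the two suricata entries added in the first hunk of this commit carry one. If the affected versions have not been verified for this issue either, add the same TODO. If they have, record which versions are affected. The note wording also differs from the first hunk ("NOTE: Commit: https://..." and "Fixed upstream in 2.0.7" here, against a bare URL and "Fixed in suricata 2.0.7 upstream" there); use one form across the three entries so they are easier to search.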