[Secure-testing-commits] r32680 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Fri Mar 6 21:10:16 UTC 2015


Author: sectracker
Date: 2015-03-06 21:10:16 +0000 (Fri, 06 Mar 2015)
New Revision: 32680

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-03-06 17:28:59 UTC (rev 32679)
+++ data/CVE/list	2015-03-06 21:10:16 UTC (rev 32680)
@@ -2118,7 +2118,7 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2015/02/02/2
 CVE-2015-1473 [silly hairsplitting ID related to CVE-2015-1472]
 	RESERVED
-	{DSA-3169-1}
+	{DSA-3169-1 DLA-165-1}
 	- glibc 2.19-15 (bug #777197)
 	- eglibc <removed>
 	[squeeze] - eglibc <not-affected> (Vulnerable code not present)
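Review bot: The DLA-165-1 reference added to CVE-2015-1473 conflicts with the unchanged context line `[squeeze] - eglibc <not-affected> (Vulnerable code not present)`. If DLA-165-1 is the squeeze eglibc update, either drop the DLA tag from this entry or replace the not-affected line with the fixed version, so the tracker does not report squeeze as both unaffected and fixed by an advisory.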
@@ -2128,7 +2128,7 @@
 	NOTE:   the patch was backported into wheezy (patches/any/cvs-vfscanf.diff), but not squeeze
 CVE-2015-1472 [incorrect second argument to realloc leads to a buffer overflow]
 	RESERVED
-	{DSA-3169-1}
+	{DSA-3169-1 DLA-165-1}
 	- glibc 2.19-15 (bug #777197)
 	- eglibc <removed>
 	[squeeze] - eglibc <not-affected> (Vulnerable code not present)
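Review bot: CVE-2015-1472 gets DLA-165-1 while its `[squeeze]` line still reads `<not-affected>`, and the NOTE at the top of this hunk says the patch "was backported into wheezy (patches/any/cvs-vfscanf.diff), but not squeeze". That NOTE agrees with the not-affected status and not with an advisory reference covering squeeze, so the automatic tag should be checked against the advisory text before it is kept.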
@@ -2338,7 +2338,7 @@
 	- kamailio 4.0.2-1 (bug #712083)
 CVE-2013-7424 [Invalid-free when using getaddrinfo()]
 	RESERVED
-	{DSA-3169-1}
+	{DSA-3169-1 DLA-165-1}
 	- glibc 2.15-1
 	- eglibc 2.15-1
 	NOTE: http://seclists.org/oss-sec/2015/q1/306
@@ -2519,6 +2519,7 @@
 	NOTE: https://github.com/chjj/marked/issues/492
 	NOTE: libv8 is not covered by security support
 CVE-2013-7423 (The send_dg function in resolv/res_send.c in GNU C Library (aka glibc ...)
+	{DLA-165-1}
 	- glibc 2.19-1 (bug #722075)
 	[wheezy] - eglibc 2.13-38+deb7u5
 	- eglibc <removed>
@@ -20111,7 +20112,7 @@
 	[wheezy] - openafs <not-affected> (Vulnerable code introduced in 1.6.8)
 	[squeeze] - openafs <not-affected> (Vulnerable code introduced in 1.6.8)
 CVE-2014-4043 (The posix_spawn_file_actions_addopen function in glibc before 2.20 ...)
-	{DSA-3169-1}
+	{DSA-3169-1 DLA-165-1}
 	- eglibc <removed>
 	- glibc 2.19-2 (low; bug #751774)
 	[wheezy] - eglibc <no-dsa> (Minor issue)
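Review bot: The context line `[wheezy] - eglibc <no-dsa> (Minor issue)` under CVE-2014-4043 looks stale now that the entry carries `{DSA-3169-1 DLA-165-1}`. A `<no-dsa>` marker next to an advisory reference is contradictory; suggest replacing it with the version fixed by the DSA in the same change that records the DLA.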
@@ -37399,6 +37400,7 @@
 CVE-2013-4789 (SQL injection vulnerability in modules/rss/rss.php in Cotonti before ...)
 	NOT-FOR-US: Cotonti
 CVE-2013-4788 (The PTR_MANGLE implementation in the GNU C Library (aka glibc or ...)
+	{DLA-165-1}
 	- glibc 2.17-94 (low; bug #717178)
 	- eglibc <removed>
 	[wheezy] - eglibc 2.13-38+deb7u1
@@ -38430,6 +38432,7 @@
 CVE-2013-4459 (LightDM 1.7.5 through 1.8.3 and 1.9.x before 1.9.2 does not apply the ...)
 	- lightdm <not-affected> (Only in combination with guest profile, apparmor and 1.8.x branch)
 CVE-2013-4458 (Stack-based buffer overflow in the getaddrinfo function in ...)
+	{DLA-165-1}
 	- eglibc <removed>
 	- glibc 2.18-1 (low; bug #727181)
 	[wheezy] - eglibc 2.13-38+deb7u1
@@ -38772,6 +38775,7 @@
 	NOTE: libav fix: http://git.libav.org/?p=libav.git;a=commit;h=072be3e8969f24113d599444be4d6a0ed04a6602
 CVE-2013-4357 [getaddrinfo(), glob_in_dir stack overflow]
 	RESERVED
+	{DLA-165-1}
 	- eglibc 2.17-1 (unimportant; bug #742925)
 	[wheezy] - eglibc 2.13-38+deb7u6
 	NOTE: http://sourceware.org/bugzilla/show_bug.cgi?id=12671
@@ -38884,6 +38888,7 @@
 	RESERVED
 	NOT-FOR-US: OpenPNE
 CVE-2013-4332 (Multiple integer overflows in malloc/malloc.c in the GNU C Library ...)
+	{DLA-165-1}
 	- glibc 2.17-93 (bug #722536)
 	- eglibc <removed>
 	[wheezy] - eglibc 2.13-38+deb7u1
@@ -39224,6 +39229,7 @@
 	NOTE: http://bugs.python.org/issue18709
 	NOTE: https://bugs.mageia.org/show_bug.cgi?id=10989
 CVE-2013-4237 (sysdeps/posix/readdir_r.c in the GNU C Library (aka glibc or libc6) ...)
+	{DLA-165-1}
 	- eglibc <removed>
 	- glibc 2.17-94 (bug #719558)
 	[wheezy] - eglibc 2.13-38+deb7u1
@@ -45409,6 +45415,7 @@
 	NOTE: https://github.com/SpiderLabs/ModSecurity/commit/d4d80b38aa85eccb26e3c61b04d16e8ca5de76fe
 	NOTE: http://marc.info/?l=oss-security&m=136499182131283&w=2
 CVE-2013-1914 (Stack-based buffer overflow in the getaddrinfo function in ...)
+	{DLA-165-1}
 	- eglibc <removed>
 	- glibc 2.17-2 (low; bug #704623)
 	[wheezy] - eglibc 2.13-38+deb7u1
@@ -50650,6 +50657,7 @@
 	- drupal7 7.14-1.3 (bug #698334)
 	NOTE: https://drupal.org/SA-CORE-2013-001
 CVE-2013-0242 (Buffer overflow in the extend_buffers function in the regular ...)
+	{DLA-165-1}
 	- eglibc <removed>
 	- glibc 2.17-2 (low; bug #699399)
 	[wheezy] - eglibc 2.13-38+deb7u1
@@ -56575,6 +56583,7 @@
 	- spice-gtk 0.12-5 (bug #689155)
 	NOTE: http://www.openwall.com/lists/oss-security/2012/09/13/18
 CVE-2012-4424 (Stack-based buffer overflow in string/strcoll_l.c in the GNU C Library ...)
+	{DLA-165-1}
 	- eglibc <removed>
 	- glibc 2.17-94 (low; bug #689423)
 	[wheezy] - eglibc 2.13-38+deb7u1
@@ -56619,6 +56628,7 @@
 	- keystone 2012.1.1-6 (bug #687428)
 	NOTE: http://www.openwall.com/lists/oss-security/2012/09/12/7
 CVE-2012-4412 (Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc ...)
+	{DLA-165-1}
 	- eglibc <removed>
 	- glibc 2.17-94 (low; bug #687530)
 	[wheezy] - eglibc 2.13-38+deb7u1
@@ -58998,6 +59008,7 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2012/08/20/8
 	NOTE: https://bugzilla.novell.com/show_bug.cgi?id=776572
 CVE-2012-3480 (Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, ...)
+	{DLA-165-1}
 	- eglibc 2.13-36 (bug #684889)
 	[squeeze] - eglibc <no-dsa> (Minor issue)
 	- glibc 2.13-36
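Review bot: After this hunk CVE-2012-3480 references DLA-165-1 but still carries `[squeeze] - eglibc <no-dsa> (Minor issue)`. The cross-reference alone does not tell the tracker which squeeze version is fixed; the `<no-dsa>` line should be replaced with the fixed eglibc version from the advisory.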
@@ -59232,7 +59243,7 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2012/07/11/6
 	NOTE: http://www.openwall.com/lists/oss-security/2012/07/11/16
 CVE-2012-3406 (The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka ...)
-	{DSA-3169-1}
+	{DSA-3169-1 DLA-165-1}
 	- eglibc <removed>
 	- glibc 2.19-14 (low; bug #681888)
 	[squeeze] - eglibc <no-dsa> (Minor issue)
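Review bot: For CVE-2012-3406 the `[squeeze] - eglibc <no-dsa> (Minor issue)` context line is left in place beneath the new `{DSA-3169-1 DLA-165-1}` tag. Suggest updating that line to the squeeze fixed version in a follow-up, otherwise the entry claims both that no advisory will be issued and that one was.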
@@ -59242,6 +59253,7 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2012/07/11/5
 	NOTE: http://www.openwall.com/lists/oss-security/2012/07/11/17
 CVE-2012-3405 (The vfprintf function in stdio-common/vfprintf.c in libc in GNU C ...)
+	{DLA-165-1}
 	- glibc 2.13-35 (low; bug #681473)
 	- eglibc 2.13-35 (low; bug #681473)
 	[squeeze] - eglibc <no-dsa> (Minor issue)
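Review bot: CVE-2012-3405 has the same mismatch in its last context line: `{DLA-165-1}` is added while `[squeeze] - eglibc <no-dsa> (Minor issue)` remains. The unstable entries already record 2.13-35 for both glibc and eglibc, so only the squeeze line needs the fixed version from the advisory.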



