[Secure-testing-commits] r32813 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Mar 12 09:51:41 UTC 2015 

Author: carnil
Date: 2015-03-12 09:51:41 +0000 (Thu, 12 Mar 2015)
New Revision: 32813

Modified:
   data/CVE/list
Log:
Mark three suricata issues as fixed in unstable

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-03-12 09:50:10 UTC (rev 32812)
+++ data/CVE/list	2015-03-12 09:51:41 UTC (rev 32813)
@@ -447,18 +447,17 @@
 	[wheezy] - bibtool <no-dsa> (Minor issue)
 	NOTE: Upstream patch: https://github.com/ge-ne/bibtool/commit/c6ed92c556f28ca2c738972c647486f9e11424bf
 CVE-2015-XXXX [dcerpc: exit()'s on malloc failure]
-	- suricata <unfixed>
+	- suricata 2.0.7-1
 	[wheezy] - suricata <no-dsa> (Unusable in wheezy, planned for removal)
 	NOTE: https://github.com/inliniac/suricata/commit/89017d0b03bf715a3f4e11b612c6c7a23549304a
-	NOTE: Fixed in suricata 2.0.7 upstream
 CVE-2015-XXXX [http uri parsing issue]
 	- libhtp <unfixed>
 	[wheezy] - libhtp <no-dsa> (Unusable in wheezy, planned for removal)
-	- suricata <unfixed>
+	- suricata 2.0.7-1
 	[wheezy] - suricata <no-dsa> (Unusable in wheezy, planned for removal)
 	NOTE: https://redmine.openinfosecfoundation.org/issues/1391
 	NOTE: https://github.com/OISF/libhtp/commit/1a6c9465fb641f81460392f622d1878d5e87fc00
-	NOTE: Fixed in suricata 2.0.7 and Libhtp 0.5.17 upstream
+	NOTE: Fixed in Libhtp 0.5.17 upstream
 CVE-2015-XXXX [MATTA-2015-002: Enforce acceptable range for Diffie-Hellman server value]
 	- putty 0.63-10
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/27/4
@@ -3855,11 +3854,10 @@
 	NOT-FOR-US: SerVision HVG Video Gateway
 CVE-2015-0928 [DCERPC traffic parsing issue]
 	RESERVED
-	- suricata <unfixed>
+	- suricata 2.0.7-1
 	[wheezy] - suricata <no-dsa> (Unusable in wheezy, planned for removal)
 	NOTE: https://redmine.openinfosecfoundation.org/issues/1385
 	NOTE: Commit: https://github.com/inliniac/suricata/commit/56196ace51395fcb2d8fc30d586e9ad782306d31
-	NOTE: Fixed upstream in 2.0.7
 CVE-2015-0927
 	RESERVED
 CVE-2015-0926 (Labtech before 100.237 on Linux uses world-writable permissions for ...)

More information about the Secure-testing-commits mailing list