[Secure-testing-commits] r32892 - in data: CVE DSA

Sun Mar 15 18:53:56 UTC 2015

Author: jmm
Date: 2015-03-15 18:53:56 +0000 (Sun, 15 Mar 2015)
New Revision: 32892

Modified:
   data/CVE/list
   data/DSA/list
Log:
CVE assigned for libarchive


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2015-03-15 18:08:18 UTC (rev 32891)
+++ data/CVE/list	2015-03-15 18:53:56 UTC (rev 32892)
@@ -3650,11 +3650,11 @@
 CVE-2015-1051 (Open redirect vulnerability in the Context UI module in the Context ...)
 	NOT-FOR-US: Drupal extension drupal7-context
 CVE-2015-XXXX [directory traversal in bsdcpio]
+	{DSA-3180-1}
 	- libarchive 3.1.2-11 (bug #778266)
-	[wheezy] - libarchive 3.0.4-3+wheezy1
 	[squeeze] - libarchive 2.8.4.forreal-1+squeeze3
 	NOTE: mark wheezy and squeeze versions here until CVE is assigned
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/01/16/7
+	NOTE: http://www.openwall.com/lists/oss-security/2015/01/16/7
 	NOTE: Patch: https://github.com/libarchive/libarchive/commit/59357157706d47c365b2227739e17daba3607526
 CVE-2015-1200 (Race condition in pxz 4.999.99 Beta 3 uses weak file permissions for ...)
 	- pxz 4.999.99~beta3+git659fc9b-3 (bug #775306)

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2015-03-15 18:08:18 UTC (rev 32891)
+++ data/DSA/list	2015-03-15 18:53:56 UTC (rev 32892)
@@ -29,6 +29,7 @@
 	{CVE-2015-2044 CVE-2015-2045 CVE-2015-2151}
 	[wheezy] - xen 4.1.4-3+deb7u5
 [05 Mar 2015] DSA-3180-1 libarchive - security update
+	{CVE-2015-2304}
 	[wheezy] - libarchive 3.0.4-3+wheezy1
 [03 Mar 2015] DSA-3179-1 icedove - security update
 	{CVE-2015-0822 CVE-2015-0827 CVE-2015-0831 CVE-2015-0836}


