[Secure-testing-commits] r33224 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Sat Mar 28 21:10:15 UTC 2015
Author: sectracker
Date: 2015-03-28 21:10:15 +0000 (Sat, 28 Mar 2015)
New Revision: 33224
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-03-28 18:32:45 UTC (rev 33223)
+++ data/CVE/list 2015-03-28 21:10:15 UTC (rev 33224)
@@ -881,6 +881,7 @@
TODO: check affected versions
CVE-2014-9706 [dulwich: does not reject commits with invalid paths]
RESERVED
+ {DSA-3206-1}
- dulwich 0.10.1-1 (bug #780989)
[jessie] - dulwich 0.9.7-3
NOTE: Patch: https://git.samba.org/?p=jelmer/dulwich.git;a=commitdiff;h=091638be3c89f46f42c3b1d57dc1504af5729176
@@ -992,6 +993,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2015/03/18/7
CVE-2015-2684 [denial of service vulnerability]
RESERVED
+ {DSA-3207-1}
- shibboleth-sp2 2.5.3+dfsg-2
NOTE: http://shibboleth.net/community/advisories/secadv_20150319.txt
CVE-2015-2672 [unprivileged denial-of-service due to mis-protected xsave/xrstor instructions]
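Review bot: The CVE-2015-2684 entry that gains {DSA-3207-1} still carries the generic description "[denial of service vulnerability]", which does not name the affected software. The dulwich entries in this same file prefix the description with the package ("[dulwich: does not reject commits with invalid paths]"). Doing the same here, using the shibboleth-sp2 name from the package line, would make the entry identifiable when only the header line is shown.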
@@ -2409,15 +2411,15 @@
NOTE: kernel packages as shipped with Red Hat Enterprise
NOTE: Linux 5, 6, and 7, and Red Hat Enterprise MRG 2.
CVE-2015-1804 (The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont ...)
- {DSA-3194-1}
+ {DSA-3194-1 DLA-183-1}
- libxfont 1:1.5.1-1
NOTE: http://lists.x.org/archives/xorg-announce/2015-March/002550.html
CVE-2015-1803 (The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont ...)
- {DSA-3194-1}
+ {DSA-3194-1 DLA-183-1}
- libxfont 1:1.5.1-1
NOTE: http://lists.x.org/archives/xorg-announce/2015-March/002550.html
CVE-2015-1802 (The bdfReadProperties function in bitmap/bdfread.c in X.Org libXfont ...)
- {DSA-3194-1}
+ {DSA-3194-1 DLA-183-1}
- libxfont 1:1.5.1-1
NOTE: http://lists.x.org/archives/xorg-announce/2015-March/002550.html
CVE-2015-1801
@@ -5625,6 +5627,7 @@
RESERVED
CVE-2015-0838 [buffer overflow in the C implementation of the apply_delta() function]
RESERVED
+ {DSA-3206-1}
- dulwich 0.10.1-1 (bug #780958)
[jessie] - dulwich 0.9.7-3
CVE-2015-0837 [data-dependent timing variations in modular exponentiation]
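Review bot: The CVE-2015-0838 entry receiving {DSA-3206-1} has no NOTE line pointing at the upstream fix: the entry ends at "[jessie] - dulwich 0.9.7-3" and the next CVE starts immediately. The other dulwich entry tagged with the same DSA, CVE-2014-9706, carries a "NOTE: Patch:" link. Adding the corresponding reference for the apply_delta() fix would let anyone backporting verify the change without searching the upstream history.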
@@ -10417,13 +10420,13 @@
CVE-2010-5311
RESERVED
CVE-2014-8738 (The _bfd_slurp_extended_name_table function in bfd/archive.c in GNU ...)
- {DSA-3123-2 DSA-3123-1}
+ {DSA-3123-2 DSA-3123-1 DLA-184-1}
- binutils 2.24.90.20141124-1
- binutils-mingw-w64 5.2
NOTE: Upstream tracker: https://sourceware.org/bugzilla/show_bug.cgi?id=17533
NOTE: Upstream patch: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=bb0d867169d7e9743d229804106a8fbcab7f3b3f
CVE-2014-8737 (Multiple directory traversal vulnerabilities in GNU binutils 2.24 and ...)
- {DSA-3123-2 DSA-3123-1}
+ {DSA-3123-2 DSA-3123-1 DLA-184-1}
- binutils 2.24.90.20141124-1
- binutils-mingw-w64 5.2
NOTE: Upstream tracker: https://sourceware.org/bugzilla/show_bug.cgi?id=17552
@@ -10733,7 +10736,7 @@
CVE-2014-8505 (Multiple cross-site scripting (XSS) vulnerabilities in Etiko CMS allow ...)
NOT-FOR-US: Etiko CMS
CVE-2014-8504 (Stack-based buffer overflow in the srec_scan function in bfd/srec.c in ...)
- {DSA-3123-2 DSA-3123-1}
+ {DSA-3123-2 DSA-3123-1 DLA-184-1}
- binutils 2.24.90.20141104-1
- binutils-mingw-w64 5.2
NOTE: http://openwall.com/lists/oss-security/2014/10/27/4
@@ -10742,20 +10745,20 @@
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=17510#c8
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=708d7d0d11f0f2d776171979aa3479e8e12a38a0
CVE-2014-8503 (Stack-based buffer overflow in the ihex_scan function in bfd/ihex.c in ...)
- {DSA-3123-2 DSA-3123-1}
+ {DSA-3123-2 DSA-3123-1 DLA-184-1}
- binutils 2.24.90.20141104-1
- binutils-mingw-w64 5.2
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=17512#c33
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=17512#c34
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0102ea8cec5fc509bba6c91df61b7ce23a799d32
CVE-2014-8502 (Heap-based buffer overflow in the pe_print_edata function in ...)
- {DSA-3123-2 DSA-3123-1}
+ {DSA-3123-2 DSA-3123-1 DLA-184-1}
- binutils 2.24.90.20141104-1
- binutils-mingw-w64 5.2
NOTE: See https://sourceware.org/bugzilla/show_bug.cgi?id=17512#c17
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5a4b0ccc20ba30caef53b01bee2c0aaa5b855339
CVE-2014-8501 (The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU ...)
- {DSA-3123-2 DSA-3123-1}
+ {DSA-3123-2 DSA-3123-1 DLA-184-1}
- binutils 2.24.90.20141104-1
- binutils-mingw-w64 5.2
- gdb <unfixed> (unimportant)
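Review bot: In the CVE-2014-8501 entry at the end of this hunk, the updated tag line {DSA-3123-2 DSA-3123-1 DLA-184-1} now sits above "- gdb <unfixed> (unimportant)", so the entry lists three advisories while one source package remains open. Nothing in the visible lines explains why gdb is rated unimportant. If no NOTE further down already does so, a one-line justification would keep the advisory tags from being read as covering gdb as well.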
@@ -10909,14 +10912,14 @@
NOTE: The NULL pointer dereference was introduced in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=41061cdb98a0bec464278b4db8e894a3121671f5 (v3.17-rc1)
NOTE: Fix: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=3f6f1480d86bf9fc16c160d803ab1d006e3058d5
CVE-2014-8485 (The setup_group function in bfd/elf.c in libbfd in GNU binutils 2.24 ...)
- {DSA-3123-2 DSA-3123-1}
+ {DSA-3123-2 DSA-3123-1 DLA-184-1}
- binutils 2.24.90.20141104-1
- binutils-mingw-w64 5.2
NOTE: http://lcamtuf.blogspot.com.au/2014/10/psa-dont-run-strings-on-untrusted-files.html
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=493a33860c71cac998f1a56d6d87d6faa801fbaa
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=17510
CVE-2014-8484 (The srec_scan function in bfd/srec.c in libdbfd in GNU binutils before ...)
- {DSA-3123-2 DSA-3123-1}
+ {DSA-3123-2 DSA-3123-1 DLA-184-1}
- binutils 2.24.51.20140903-1
- binutils-mingw-w64 5.2
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=17509
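Review bot: The description on the CVE-2014-8484 line in this hunk reads "libdbfd", while the CVE-2014-8485 entry a few lines above reads "libbfd" for what is the same library in bfd/. The spelling should be corrected where the description text originates, otherwise a text search of the list for libbfd misses this entry.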