[Secure-testing-commits] r33247 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Sun Mar 29 21:10:18 UTC 2015


Author: sectracker
Date: 2015-03-29 21:10:18 +0000 (Sun, 29 Mar 2015)
New Revision: 33247

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-03-29 20:14:58 UTC (rev 33246)
+++ data/CVE/list	2015-03-29 21:10:18 UTC (rev 33247)
@@ -151,16 +151,19 @@
 	- realmd <unfixed> (bug #781179)
 	NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=89207
 CVE-2015-2776 [does not properly check requests for workbook memory allocation]
+	{DSA-3208-1}
 	[experimental] - freexl 1.0.1-1~exp1
 	- freexl 1.0.0g-1+deb8u1 (bug #781228)
 	NOTE: Reproducer: https://www.dropbox.com/s/gh61gzaf8jj30hj/freexl_6889d18b?dl=0
 CVE-2015-2754
 	RESERVED
+	{DSA-3208-1}
 	[experimental] - freexl 1.0.1-1~exp1
 	- freexl 1.0.0g-1+deb8u1 (bug #781228)
 	NOTE: Reproducer: https://www.dropbox.com/s/66srfory903w6cl/freexl_d7273f72?dl=0
 CVE-2015-2753
 	RESERVED
+	{DSA-3208-1}
 	[experimental] - freexl 1.0.1-1~exp1
 	- freexl 1.0.0g-1+deb8u1 (bug #781228)
 	NOTE: Reproducer: https://www.dropbox.com/s/3htzndywvtmomlx/freexl_9f74b0e8?dl=0
@@ -858,11 +861,11 @@
 	- qemu-kvm <removed> (unimportant)
 	NOTE: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=3251bdcf1c67427d964517053c3d185b46e618e8 (v2.2.0-rc2)
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/03/24/4
-        NOTE: Per maintainer not a security issue:
-        NOTE: Qemu either leaks memory or loops infinitely.  Memory leakage can be easily
-        NOTE: mitigated using some kind of resource limits in security-sensitive environments,
-        NOTE: and looping can trivially be done inside the virtual machine just fine, achieving
-        NOTE: the same effect
+	NOTE: Per maintainer not a security issue:
+	NOTE: Qemu either leaks memory or loops infinitely.  Memory leakage can be easily
+	NOTE: mitigated using some kind of resource limits in security-sensitive environments,
+	NOTE: and looping can trivially be done inside the virtual machine just fine, achieving
+	NOTE: the same effect
 CVE-2015-2686 [sys_sendto/sys_recvfrom does not validate the user provided ubuf pointer]
 	RESERVED
 	- linux <not-affected> (Introduced in 3.19, never uploaded to unstable)
@@ -11698,7 +11701,7 @@
 	RESERVED
 	- cups <unfixed> (unimportant)
 	NOTE: Patch: https://bugzilla.redhat.com/attachment.cgi?id=916761
-        NOTE: Terminal emulators need to perform proper escaping
+	NOTE: Terminal emulators need to perform proper escaping
 CVE-2014-8165 (scripts/amsvis/powerpcAMS/amsnet.py in powerpc-utils-python uses the ...)
 	- powerpc-utils <not-affected> (Vulnerable code not present)
 	NOTE: http://sourceforge.net/p/powerpc-utils/mailman/message/32884230




More information about the Secure-testing-commits mailing list