[Secure-testing-commits] r33247 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Sun Mar 29 21:10:18 UTC 2015
Author: sectracker
Date: 2015-03-29 21:10:18 +0000 (Sun, 29 Mar 2015)
New Revision: 33247
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-03-29 20:14:58 UTC (rev 33246)
+++ data/CVE/list 2015-03-29 21:10:18 UTC (rev 33247)
@@ -151,16 +151,19 @@
- realmd <unfixed> (bug #781179)
NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=89207
CVE-2015-2776 [does not properly check requests for workbook memory allocation]
+ {DSA-3208-1}
[experimental] - freexl 1.0.1-1~exp1
- freexl 1.0.0g-1+deb8u1 (bug #781228)
NOTE: Reproducer: https://www.dropbox.com/s/gh61gzaf8jj30hj/freexl_6889d18b?dl=0
CVE-2015-2754
RESERVED
+ {DSA-3208-1}
[experimental] - freexl 1.0.1-1~exp1
- freexl 1.0.0g-1+deb8u1 (bug #781228)
NOTE: Reproducer: https://www.dropbox.com/s/66srfory903w6cl/freexl_d7273f72?dl=0
CVE-2015-2753
RESERVED
+ {DSA-3208-1}
[experimental] - freexl 1.0.1-1~exp1
- freexl 1.0.0g-1+deb8u1 (bug #781228)
NOTE: Reproducer: https://www.dropbox.com/s/3htzndywvtmomlx/freexl_9f74b0e8?dl=0
@@ -858,11 +861,11 @@
- qemu-kvm <removed> (unimportant)
NOTE: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=3251bdcf1c67427d964517053c3d185b46e618e8 (v2.2.0-rc2)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/03/24/4
- NOTE: Per maintainer not a security issue:
- NOTE: Qemu either leaks memory or loops infinitely. Memory leakage can be easily
- NOTE: mitigated using some kind of resource limits in security-sensitive environments,
- NOTE: and looping can trivially be done inside the virtual machine just fine, achieving
- NOTE: the same effect
+ NOTE: Per maintainer not a security issue:
+ NOTE: Qemu either leaks memory or loops infinitely. Memory leakage can be easily
+ NOTE: mitigated using some kind of resource limits in security-sensitive environments,
+ NOTE: and looping can trivially be done inside the virtual machine just fine, achieving
+ NOTE: the same effect
CVE-2015-2686 [sys_sendto/sys_recvfrom does not validate the user provided ubuf pointer]
RESERVED
- linux <not-affected> (Introduced in 3.19, never uploaded to unstable)
@@ -11698,7 +11701,7 @@
RESERVED
- cups <unfixed> (unimportant)
NOTE: Patch: https://bugzilla.redhat.com/attachment.cgi?id=916761
- NOTE: Terminal emulators need to perform proper escaping
+ NOTE: Terminal emulators need to perform proper escaping
CVE-2014-8165 (scripts/amsvis/powerpcAMS/amsnet.py in powerpc-utils-python uses the ...)
- powerpc-utils <not-affected> (Vulnerable code not present)
NOTE: http://sourceforge.net/p/powerpc-utils/mailman/message/32884230
More information about the Secure-testing-commits
mailing list