[Secure-testing-commits] r34509 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Mon May 25 21:10:27 UTC 2015 

Author: sectracker
Date: 2015-05-25 21:10:27 +0000 (Mon, 25 May 2015)
New Revision: 34509

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-05-25 20:53:22 UTC (rev 34508)
+++ data/CVE/list	2015-05-25 21:10:27 UTC (rev 34509)
@@ -2164,7 +2164,7 @@
 	RESERVED
 CVE-2015-3202
 	RESERVED
-	{DSA-3268-1 DSA-3266-1}
+	{DSA-3268-1 DSA-3266-1 DLA-226-1}
 	- fuse 2.9.3-16 (bug #786439)
 	- ntfs-3g 1:2014.2.15AR.3-2 (bug #786475)
 	NOTE: ntfs-3g source wise affected but wheezy version uses --with-fuse=external
@@ -7325,7 +7325,7 @@
 	NOTE: Starting with 1.4-5 cabextract uses the mspack system library
 CVE-2014-9655 [access of uninitialized memory]
 	RESERVED
-	{DLA-221-1}
+	{DSA-3273-1 DLA-221-1}
 	- tiff 4.0.3-12.1 (bug #777390)
 	- tiff3 <removed>
 	NOTE: http://lcamtuf.coredump.cx/afl/vulns/libtiff-cvs-1.tif
@@ -11613,7 +11613,7 @@
 CVE-2014-9331 (Cross-site request forgery (CSRF) vulnerability in ZOHO ManageEngine ...)
 	NOT-FOR-US: ZOHO ManageEngine Desktop Central
 CVE-2014-9330 (Integer overflow in tif_packbits.c in bmp2tif in libtiff 4.0.3 allows ...)
-	{DLA-221-1}
+	{DSA-3273-1 DLA-221-1}
 	- tiff 4.0.3-12 (bug #773987)
 	- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2494
@@ -15847,7 +15847,7 @@
 	NOTE: Crash in a frontend tool w/o potential for code injection, marked as unimportant
 CVE-2014-8129 [out-of-bound read and write]
 	RESERVED
-	{DLA-221-1}
+	{DSA-3273-1 DLA-221-1}
 	- tiff 4.0.3-12.1 (bug #776185)
 	- tiff3 <unfixed>
 	NOTE: Advisory: http://www.conostix.com/pub/adv/CVE-2014-8129-LibTIFF-Out-of-bounds_Reads_and_Writes.txt
@@ -15856,7 +15856,7 @@
 	NOTE: The tiff3 source package doesn't build the TIFF tools, but most of these bugs are in the library
 CVE-2014-8128 [out-of-bounds write]
 	RESERVED
-	{DLA-221-1}
+	{DSA-3273-1 DLA-221-1}
 	- tiff 4.0.3-12.3 (bug #776185)
 	- tiff3 <unfixed>
 	NOTE: Advisory: http://www.conostix.com/pub/adv/CVE-2014-8128-LibTIFF-Out-of-bounds_Writes.txt
@@ -15871,6 +15871,7 @@
 	NOTE: The tiff3 source package doesn't build the TIFF tools, but most of these bugs are in the library
 CVE-2014-8127 [out-of-bound reads]
 	RESERVED
+	{DSA-3273-1}
 	- tiff <unfixed> (unimportant; bug #776185)
 	- tiff3 <not-affected> (The tiff3 source package doesn't build the TIFF tools)
 	NOTE: Advisory: http://www.conostix.com/pub/adv/CVE-2014-8127-LibTIFF-Out-of-bounds_Reads.txt

More information about the Secure-testing-commits mailing list