[Secure-testing-commits] r37768 - in data: CVE DSA

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Nov 19 08:07:16 UTC 2015


Author: carnil
Date: 2015-11-19 08:07:16 +0000 (Thu, 19 Nov 2015)
New Revision: 37768

Modified:
   data/CVE/list
   data/DSA/list
Log:
CVE-2015-7984 assigned for horde issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-11-18 21:35:36 UTC (rev 37767)
+++ data/CVE/list	2015-11-19 08:07:16 UTC (rev 37768)
@@ -512,9 +512,8 @@
 	NOTE: '<' not found) even though it does not have the fix yet. The next upstream
 	NOTE: release will fix this issue and will restore XZ support.
 	NOTE: http://www.openwall.com/lists/oss-security/2015/11/02/2
-CVE-2015-XXXX [Multiple CSRF Vulnerabilities]
+CVE-2015-7984 [Multiple CSRF Vulnerabilities]
 	- php-horde 5.2.8+debian0-1 (bug #803641)
-	[jessie] - php-horde 5.2.1+debian0-2+deb8u2
 	NOTE: workaround entry for DSA-3391-1 until/if CVE assigned
 	NOTE: https://www.htbridge.com/advisory/HTB23272
 	NOTE: https://github.com/horde/horde/commit/a199d74932c902844514b2a83d21e7e221257dae
@@ -645,8 +644,6 @@
 	NOTE: Only for all stable kernels before v3.19 which have backported commit
 	NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=89c22d8c3b278212eef6a8cc66b570bc840a6f5a
 	NOTE: but are lacking the ioviter conversion.
-CVE-2015-7984
-	RESERVED
 CVE-2015-7983
 	RESERVED
 CVE-2015-7982

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2015-11-18 21:35:36 UTC (rev 37767)
+++ data/DSA/list	2015-11-19 08:07:16 UTC (rev 37768)
@@ -40,6 +40,7 @@
 	[wheezy] - freeimage 3.15.1-1.1
 	[jessie] - freeimage 3.15.4-4.2
 [03 Nov 2015] DSA-3391-1 php-horde - security update
+	{CVE-2015-7984}
 	[jessie] - php-horde 5.2.1+debian0-2+deb8u2
 [02 Nov 2015] DSA-3355-2 libvdpau - regression update
 	[jessie] - libvdpau 0.8-3+deb8u2




More information about the Secure-testing-commits mailing list