[Secure-testing-commits] r37827 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Nov 23 18:42:16 UTC 2015
Author: carnil
Date: 2015-11-23 18:42:16 +0000 (Mon, 23 Nov 2015)
New Revision: 37827
Modified:
data/CVE/list
Log:
Add CVE-2015-5312/libxml2
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-11-23 18:40:37 UTC (rev 37826)
+++ data/CVE/list 2015-11-23 18:42:16 UTC (rev 37827)
@@ -7659,8 +7659,12 @@
NOTE: https://w1.fi/security/2015-7/0001-EAP-pwd-server-Fix-last-fragment-length-validation.patch
CVE-2015-5313
RESERVED
-CVE-2015-5312
+CVE-2015-5312 [entity expansion issue]
RESERVED
+ - libxml2 <unfixed>
+ NOTE: https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e (v2.9.3)
+ NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756733
+ TODO: check affected versions
CVE-2015-5311 (PowerDNS (aka pdns) Authoritative Server 3.4.4 before 3.4.7 allows ...)
- pdns 3.4.7-1
[jessie] - pdns <not-affected> (Only 3.4.4 and later affected)
More information about the Secure-testing-commits
mailing list