[Secure-testing-commits] r37935 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Nov 26 21:13:05 UTC 2015


Author: carnil
Date: 2015-11-26 21:13:05 +0000 (Thu, 26 Nov 2015)
New Revision: 37935

Modified:
   data/CVE/list
Log:
Reported bug for two nodejs CVEs, #806385

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-11-26 21:10:10 UTC (rev 37934)
+++ data/CVE/list	2015-11-26 21:13:05 UTC (rev 37935)
@@ -856,9 +856,9 @@
 	NOT-FOR-US: SAP
 CVE-2015-8028 (Multiple buffer overflows in SAP 3D Visual Enterprise Viewer (VEV) ...)
 	NOT-FOR-US: SAP
-CVE-2015-8027
+CVE-2015-8027 [denial of service vulnerability]
 	RESERVED
-	- nodejs <unfixed>
+	- nodejs <unfixed> (bug #806385)
 	[jessie] - nodejs <not-affected> (0.10 series not affected)
 	NOTE: https://nodejs.org/en/blog/vulnerability/cve-2015-8027_cve-2015-6764/
 CVE-2015-8024
@@ -4159,11 +4159,11 @@
 	RESERVED
 CVE-2015-6765
 	RESERVED
-CVE-2015-6764
+CVE-2015-6764 [V8 out-of-bounds access vulnerability]
 	RESERVED
 	- libv8-3.14 <unfixed> (unimportant)
 	NOTE: libv8 not covered by security support
-	- nodejs <unfixed>
+	- nodejs <unfixed> (bug #806385)
 	[jessie] - nodejs <not-affected> (0.10 series not affected)
 	NOTE: https://nodejs.org/en/blog/vulnerability/cve-2015-8027_cve-2015-6764/
 CVE-2015-6763 (Multiple unspecified vulnerabilities in Google Chrome before ...)




More information about the Secure-testing-commits mailing list