[Secure-testing-commits] r37444 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Oct 30 05:40:34 UTC 2015
Author: carnil
Date: 2015-10-30 05:40:34 +0000 (Fri, 30 Oct 2015)
New Revision: 37444
Modified:
data/CVE/list
Log:
Two CVEs assigned for lldpd
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-10-30 05:21:05 UTC (rev 37443)
+++ data/CVE/list 2015-10-30 05:40:34 UTC (rev 37444)
@@ -16,10 +16,6 @@
RESERVED
CVE-2015-8013
RESERVED
-CVE-2015-8012
- RESERVED
-CVE-2015-8011
- RESERVED
CVE-2015-8009
RESERVED
NOT-FOR-US: Mediawiki extension OAuth
@@ -622,20 +618,20 @@
- linux-2.6 <removed>
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=60533
TODO: check
-CVE-2015-XXXX [lldpd: buffer overflow when handling management address TLV]
+CVE-2015-8011 [lldpd: buffer overflow when handling management address TLV]
- lldpd 0.7.19-1
[squeeze] - lldpd <not-affected> (Vulnerable code not present)
[wheezy] - lldpd <not-affected> (Vulnerable code not present)
[jessie] - lldpd <no-dsa> (Minor issue, will be fixed trough pu)
NOTE: https://github.com/vincentbernat/lldpd/commit/dd4f16e7e816f2165fba76e3d162cd8d2978dcb2
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/10/16/2
-CVE-2015-XXXX [lldpd: asserts triggered by malformed packets]
+ NOTE: http://www.openwall.com/lists/oss-security/2015/10/16/2
+CVE-2015-8012 [lldpd: asserts triggered by malformed packets]
- lldpd 0.7.19-1
[squeeze] - lldpd <not-affected> (Vulnerable code not present)
[wheezy] - lldpd <not-affected> (Vulnerable code not present)
[jessie] - lldpd <no-dsa> (Minor issue, will be fixed trough pu)
NOTE: https://github.com/vincentbernat/lldpd/commit/793526f8884455f43daecd0a2c46772388417a00
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/10/18/2
+ NOTE: http://www.openwall.com/lists/oss-security/2015/10/18/2
CVE-2015-XXXX [cakephp: XML class SSRF vulnerability]
- cakephp <unfixed>
[squeeze] - cakephp 1.3.2-1.1+deb6u11
More information about the Secure-testing-commits
mailing list