[Secure-testing-commits] r37444 - data/CVE

Fri Oct 30 05:40:34 UTC 2015

Author: carnil
Date: 2015-10-30 05:40:34 +0000 (Fri, 30 Oct 2015)
New Revision: 37444

Modified:
   data/CVE/list
Log:
Two CVEs assigned for lldpd

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2015-10-30 05:21:05 UTC (rev 37443)
+++ data/CVE/list	2015-10-30 05:40:34 UTC (rev 37444)
@@ -16,10 +16,6 @@
 	RESERVED
 CVE-2015-8013
 	RESERVED
-CVE-2015-8012
-	RESERVED
-CVE-2015-8011
-	RESERVED
 CVE-2015-8009
 	RESERVED
 	NOT-FOR-US: Mediawiki extension OAuth
@@ -622,20 +618,20 @@
 	- linux-2.6 <removed>
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=60533
 	TODO: check
-CVE-2015-XXXX [lldpd: buffer overflow when handling management address TLV]
+CVE-2015-8011 [lldpd: buffer overflow when handling management address TLV]
 	- lldpd 0.7.19-1
 	[squeeze] - lldpd <not-affected> (Vulnerable code not present)
 	[wheezy] - lldpd <not-affected> (Vulnerable code not present)
 	[jessie] - lldpd <no-dsa> (Minor issue, will be fixed trough pu)
 	NOTE: https://github.com/vincentbernat/lldpd/commit/dd4f16e7e816f2165fba76e3d162cd8d2978dcb2
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/10/16/2
-CVE-2015-XXXX [lldpd: asserts triggered by malformed packets]
+	NOTE: http://www.openwall.com/lists/oss-security/2015/10/16/2
+CVE-2015-8012 [lldpd: asserts triggered by malformed packets]
 	- lldpd 0.7.19-1
 	[squeeze] - lldpd <not-affected> (Vulnerable code not present)
 	[wheezy] - lldpd <not-affected> (Vulnerable code not present)
 	[jessie] - lldpd <no-dsa> (Minor issue, will be fixed trough pu)
 	NOTE: https://github.com/vincentbernat/lldpd/commit/793526f8884455f43daecd0a2c46772388417a00
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/10/18/2
+	NOTE: http://www.openwall.com/lists/oss-security/2015/10/18/2
 CVE-2015-XXXX [cakephp: XML class SSRF vulnerability]
 	- cakephp <unfixed>
 	[squeeze] - cakephp 1.3.2-1.1+deb6u11


