[Secure-testing-commits] r36770 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Sun Sep 20 21:10:13 UTC 2015
Author: sectracker
Date: 2015-09-20 21:10:13 +0000 (Sun, 20 Sep 2015)
New Revision: 36770
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-09-20 20:13:02 UTC (rev 36769)
+++ data/CVE/list 2015-09-20 21:10:13 UTC (rev 36770)
@@ -558,6 +558,7 @@
TODO: check
CVE-2015-7236 [remote triggerable use-after-free in rpcbind]
RESERVED
+ {DLA-311-1}
- rpcbind <unfixed> (bug #799307)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=946204
NOTE: http://www.spinics.net/lists/linux-nfs/msg53045.html
@@ -3692,6 +3693,7 @@
CVE-2015-5686
RESERVED
CVE-2015-5685 (The lazy_bdecode function in BitTorrent DHT bootstrap server ...)
+ {DLA-312-1}
- libtorrent-rasterbar <unfixed> (bug #797046)
[experimental] - libtorrent-rasterbar 1.0.6-1
NOTE: Even though the CVE mentions BitTorrent DHT Bootstrap server, the vulnerable lazy_bdecode() function is effectively also available in libtorrent-rasterbar in all Debian releases.
@@ -6921,6 +6923,7 @@
RESERVED
CVE-2015-4456 [Improper validation of certificates when using self-signed certificates]
RESERVED
+ {DSA-3363-1}
- owncloud-client 1.8.4+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-009
CVE-2015-4455
More information about the Secure-testing-commits
mailing list