[Secure-testing-commits] r36770 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Sun Sep 20 21:10:13 UTC 2015


Author: sectracker
Date: 2015-09-20 21:10:13 +0000 (Sun, 20 Sep 2015)
New Revision: 36770

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-09-20 20:13:02 UTC (rev 36769)
+++ data/CVE/list	2015-09-20 21:10:13 UTC (rev 36770)
@@ -558,6 +558,7 @@
 	TODO: check
 CVE-2015-7236 [remote triggerable use-after-free in rpcbind]
 	RESERVED
+	{DLA-311-1}
 	- rpcbind <unfixed> (bug #799307)
 	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=946204
 	NOTE: http://www.spinics.net/lists/linux-nfs/msg53045.html
@@ -3692,6 +3693,7 @@
 CVE-2015-5686
 	RESERVED
 CVE-2015-5685 (The lazy_bdecode function in BitTorrent DHT bootstrap server ...)
+	{DLA-312-1}
 	- libtorrent-rasterbar <unfixed> (bug #797046)
 	[experimental] - libtorrent-rasterbar 1.0.6-1
 	NOTE: Even though the CVE mentions BitTorrent DHT Bootstrap server, the vulnerable lazy_bdecode() function is effectively also available in libtorrent-rasterbar in all Debian releases.
@@ -6921,6 +6923,7 @@
 	RESERVED
 CVE-2015-4456 [Improper validation of certificates when using self-signed certificates]
 	RESERVED
+	{DSA-3363-1}
 	- owncloud-client 1.8.4+dfsg-1
 	NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-009
 CVE-2015-4455




More information about the Secure-testing-commits mailing list