[Secure-testing-commits] r40712 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Apr 2 10:59:52 UTC 2016
Author: carnil
Date: 2016-04-02 10:59:52 +0000 (Sat, 02 Apr 2016)
New Revision: 40712
Modified:
data/CVE/list
Log:
Merge first batch of fixes from jessie-pu
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-04-02 09:39:51 UTC (rev 40711)
+++ data/CVE/list 2016-04-02 10:59:52 UTC (rev 40712)
@@ -4987,20 +4987,20 @@
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=749115
CVE-2015-8805 (The ecc_256_modq function in ecc-256.c in Nettle before 3.2 does not ...)
- nettle 3.2-1 (bug #813679)
- [jessie] - nettle <no-dsa> (Minor issue; will be fixed via a point release)
+ [jessie] - nettle 2.7.1-5+deb8u1
[wheezy] - nettle <not-affected> (Vulnerable code not present)
[squeeze] - nettle <not-affected> (Vulnerable code not present)
NOTE: https://git.lysator.liu.se/nettle/nettle/commit/c71d2c9d20eeebb985e3872e4550137209e3ce4d
CVE-2015-8804 (x86_64/ecc-384-modp.asm in Nettle before 3.2 does not properly handle ...)
- nettle 3.2-1 (bug #813679)
- [jessie] - nettle <no-dsa> (Minor issue; will be fixed via a point release)
+ [jessie] - nettle 2.7.1-5+deb8u1
[wheezy] - nettle <not-affected> (Vulnerable code not present)
[squeeze] - nettle <not-affected> (Vulnerable code not present)
NOTE: https://lists.lysator.liu.se/pipermail/nettle-bugs/2015/003024.html
NOTE: https://git.lysator.liu.se/nettle/nettle/commit/fa269b6ad06dd13c901dbd84a12e52b918a09cd7
CVE-2015-8803 (The ecc_256_modp function in ecc-256.c in Nettle before 3.2 does not ...)
- nettle 3.2-1 (bug #813679)
- [jessie] - nettle <no-dsa> (Minor issue; will be fixed via a point release)
+ [jessie] - nettle 2.7.1-5+deb8u1
[wheezy] - nettle <not-affected> (Vulnerable code not present)
[squeeze] - nettle <not-affected> (Vulnerable code not present)
NOTE: https://lists.lysator.liu.se/pipermail/nettle-bugs/2015/003028.html
@@ -14634,7 +14634,7 @@
RESERVED
{DLA-389-1}
- giflib 5.1.2-0.1 (bug #808704)
- [jessie] - giflib <no-dsa> (Minor issue; only in giffix utility)
+ [jessie] - giflib 4.1.6-11+deb8u1
[wheezy] - giflib <no-dsa> (Minor issue; only in giffix utility)
NOTE: Upstream fix http://sourceforge.net/p/giflib/code/ci/179510be300bf11115e37528d79619b53c884a63
CVE-2015-7554 (The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows ...)
@@ -32610,6 +32610,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2015/02/12/9
CVE-2015-1419 (Unspecified vulnerability in vsftp 3.0.2 and earlier allows remote ...)
- vsftpd 3.0.2-18 (unimportant; bug #776922)
+ [jessie] - vsftpd 3.0.2-17+deb8u1
NOTE: http://seclists.org/oss-sec/2015/q1/389
NOTE: Not a real security feature according the manpage and upstream
CVE-2015-1418
More information about the Secure-testing-commits
mailing list