[Secure-testing-commits] r40759 - in data: . CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Apr 4 16:09:37 UTC 2016
Author: jmm
Date: 2016-04-04 16:09:37 +0000 (Mon, 04 Apr 2016)
New Revision: 40759
Modified:
data/CVE/list
data/dsa-needed.txt
Log:
take xstream-java and add note
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-04-04 15:55:48 UTC (rev 40758)
+++ data/CVE/list 2016-04-04 16:09:37 UTC (rev 40759)
@@ -1664,7 +1664,7 @@
NOTE: http://xenbits.xen.org/xsa/advisory-171.html
NOTE: https://git.kernel.org/linus/b7a584598aea7ca73140cb87b40319944dd3393f
CVE-2016-3155 (Siemens APOGEE Insight uses weak permissions for the application ...)
- TODO: check
+ NOT-FOR-US: Siemens APOGEE Insight
CVE-2016-XXXX [use-after-free in unserialisation]
- hhvm 3.12.1+dfsg-1
NOTE: https://github.com/facebook/hhvm/commit/fd456ffad5d164c1563dc8bd97bcc2f200ff6f69
@@ -12012,7 +12012,6 @@
[wheezy] - xbmc <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://github.com/LibRaw/LibRaw/commit/89d065424f09b788f443734d44857289489ca9e2
NOTE: Introduced by: https://github.com/LibRaw/LibRaw/commit/7b1430c76a19c93f3cc755bb2ff9bda0ba9b4082 (0.15.0)
- TODO: double check introducing commit and related packages
CVE-2015-8366 [Index overflow in smal_decode_segment]
RESERVED
- libraw 0.17.1-1 (bug #806809)
Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt 2016-04-04 15:55:48 UTC (rev 40758)
+++ data/dsa-needed.txt 2016-04-04 16:09:37 UTC (rev 40759)
@@ -42,9 +42,9 @@
https://people.debian.org/~ghedo/libidn_1.29-1+deb8u1.diff
Help is needed to fix it so that it doesn't FTBFS
--
-libxstream-java
+libxstream-java (jmm)
Emmanuel Bourg proposed debdiff for both wheezy- and jessie-security
- TODO: check, ack or redirect to pu
+ waiting an additional to solicit regression feedback from change in sid
--
linux
--
More information about the Secure-testing-commits
mailing list