[Secure-testing-commits] r40824 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-04-08 19:05:52 +0000 (Fri, 08 Apr 2016)
New Revision: 40824

Modified:
   data/CVE/list
Log:
Two CVEs assigned for systemd

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-04-08 18:38:10 UTC (rev 40823)
+++ data/CVE/list	2016-04-08 19:05:52 UTC (rev 40824)
@@ -2,15 +2,16 @@
 	- imlib2 1.4.7-1 (bug #820206)
 	NOTE: https://git.enlightenment.org/legacy/imlib2.git/commit/?id=143f299
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1324774
-CVE-2016-XXXX [systemd / journald created world readable journal files]
+CVE-2014-9770 [systemd / journald created world readable journal files (for volatile journals)]
+	- systemd 215-4
+	[wheezy] - systemd <not-affected> (Vulnerable code not present)
+	NOTE: Introduced by: https://github.com/systemd/systemd/commit/a606871da508995f5ede113a8fc6538afd98966c (v213)
+	NOTE: Fixed by (for volatile journals): https://github.com/systemd/systemd/commit/176f2acf8dee45fee832fd2ab07243f63783a238 (v214)
+CVE-2015-8842 [systemd / journald created world readable journal files (for current persistent journal)]
 	- systemd 229-1
-	[jessie] - systemd <not-affected> (Vulnerable code not present)
 	[wheezy] - systemd <not-affected> (Vulnerable code not present)
 	NOTE: Introduced by: https://github.com/systemd/systemd/commit/a606871da508995f5ede113a8fc6538afd98966c (v213)
-	NOTE: Fixed by (for volatile journals): https://github.com/systemd/systemd/commit/176f2acf8dee45fee832fd2ab07243f63783a238 (v214)
 	NOTE: Fixed by (for current persistent journal): https://github.com/systemd/systemd/commit/afae249efa4774c6676738ac5de6aeb4daf4889f (v229)
-	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=972612
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/04/08/14
 CVE-2016-7921
 	REJECTED
 CVE-2016-3982 [optipng: heap buffer overflow pngxrbmp.c bmp_rle4_fread]