[Secure-testing-commits] r41129 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Sun Apr 24 21:10:17 UTC 2016
Author: sectracker
Date: 2016-04-24 21:10:17 +0000 (Sun, 24 Apr 2016)
New Revision: 41129
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-04-24 20:57:02 UTC (rev 41128)
+++ data/CVE/list 2016-04-24 21:10:17 UTC (rev 41129)
@@ -2549,6 +2549,7 @@
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=19879
CVE-2016-3074 [Signedness vulnerability causing heap overflow]
RESERVED
+ {DSA-3556-1}
- libgd2 2.1.1-4.1 (bug #822242)
- php5 <unfixed> (unimportant)
- php7.0 <unfixed> (unimportant)
@@ -13742,6 +13743,7 @@
- jenkins <removed> (bug #804522)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
CVE-2015-7501 [java unserialisation issues]
+ RESERVED
- libcommons-collections3-java 3.2.2-1 (unimportant)
[jessie] - libcommons-collections3-java 3.2.1-7+deb8u1
[wheezy] - libcommons-collections3-java 3.2.1-5+deb7u1
@@ -28845,6 +28847,7 @@
NOTE: owncloud-contacts fixed in 0.3.0.18+8.0.0+dfsg-1
NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2015-001
CVE-2015-8855 [Regular Expression Denial of Service]
+ RESERVED
- node-semver <unfixed> (unimportant)
NOTE: https://nodesecurity.io/advisories/semver_redos
NOTE: https://github.com/npm/npm/releases/tag/v2.7.5
@@ -30605,6 +30608,7 @@
RESERVED
- capnproto 0.4.1-3 (bug #780565)
CVE-2015-8856 [XSS via filename]
+ RESERVED
- node-serve-index <unfixed> (unimportant)
NOTE: libv8 is not covered by security support
NOTE: https://nodesecurity.io/advisories/serve-static-xss
More information about the Secure-testing-commits
mailing list