[Secure-testing-commits] r41323 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Sat Apr 30 21:10:16 UTC 2016


Author: sectracker
Date: 2016-04-30 21:10:16 +0000 (Sat, 30 Apr 2016)
New Revision: 41323

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-04-30 20:54:58 UTC (rev 41322)
+++ data/CVE/list	2016-04-30 21:10:16 UTC (rev 41323)
@@ -3773,6 +3773,7 @@
 	NOTE: Introduced in 1.11.0, fixed in 1.11.29
 CVE-2016-2849 [ECDSA side channel attack]
 	RESERVED
+	{DLA-449-1}
 	- botan1.10 <unfixed> (bug #822698)
 	NOTE: http://botan.randombit.net/security.html
 	NOTE: Introduced in 1.7.15, fixed in 1.11.29
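Review bot: The CVE-2016-2849 entry now carries {DLA-449-1}, but its only fixed-version NOTE names 1.11.29 and the botan1.10 line is still <unfixed> (bug #822698), so nothing here says which 1.10 change the advisory ships. The two botan entries in the next hunk name the 1.10 release in their NOTE ("fixed in 1.11.27 and 1.10.11"); a NOTE here pointing at the backported fix would make the entry self-explanatory in the same way.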
@@ -6090,11 +6091,13 @@
 	NOTE: http://botan.randombit.net/security.html
 CVE-2016-2195 [Heap overflow on invalid ECC point]
 	RESERVED
+	{DLA-449-1}
 	- botan1.10 1.10.12-1
 	NOTE: Introduced in 1.9.18, fixed in 1.11.27 and 1.10.11
 	NOTE: http://botan.randombit.net/security.html
 CVE-2016-2194 [Infinite loop in modulur square root algorithm]
 	RESERVED
+	{DLA-449-1}
 	- botan1.10 1.10.12-1
 	NOTE: Introduced in 1.7.15, fixed in 1.11.27 and 1.10.11
 	NOTE: http://botan.randombit.net/security.html
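Review bot: The bracketed description of CVE-2016-2194 reads "Infinite loop in modulur square root algorithm"; "modulur" should be "modular". Since this hunk already touches that entry, it is a good place to correct the spelling, because a text search for "modular square root" will not match the entry as written.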
@@ -15322,6 +15325,7 @@
 	NOT-FOR-US: SAP HANA
 CVE-2015-7827 [PKCS #1 v1.5 decoding was not constant time]
 	RESERVED
+	{DLA-449-1}
 	- botan1.10 <unfixed> (bug #817932)
 	NOTE: Fixed in 1.11.22. Affected all previous versions
 	NOTE: http://botan.randombit.net/security.html
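Review bot: On CVE-2015-7827 the added {DLA-449-1} sits directly above "- botan1.10 <unfixed> (bug #817932)", and the NOTE lists only 1.11.22 as fixed. A reader skimming the entry could take the advisory tag to mean the issue is closed for botan1.10 everywhere; a short NOTE stating that the DLA covers the LTS upload only and that bug #817932 remains open for unstable would remove the ambiguity.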
@@ -16032,7 +16036,7 @@
 	NOTE: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=6ddca835100107e6b5841ce9d56074f6d98c387e
 	NOTE: gtk+2.0 2.21.5-1 removed the embedded copy of gdk-pixbuf and build-depends on external gdk-pixbuf
 CVE-2015-7674 (Integer overflow in the pixops_scale_nearest function in ...)
-	{DSA-3378-1 DLA-434-1}
+	{DSA-3378-1 DLA-450-1 DLA-434-1}
 	- gdk-pixbuf 2.32.1-1
 	- gtk+2.0 2.21.5-1
 	NOTE: http://www.openwall.com/lists/oss-security/2015/10/01/4
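Review bot: After this change CVE-2015-7674 references two LTS advisories, "{DSA-3378-1 DLA-450-1 DLA-434-1}", while the entry lists two source packages (gdk-pixbuf and gtk+2.0). The brace line does not show which advisory covers which package, and the new DLA-450-1 is placed before the older DLA-434-1. A NOTE mapping each DLA to its package would help, and the ordering of the references is worth checking against whatever convention the list generator is meant to follow.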
@@ -16248,6 +16252,7 @@
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1288934
 	NOTE: Related to an incomplete RHEL backport of https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8ac2bde2a4a05c38e2bd733bea94507cb1461e06
 CVE-2015-7552 (Heap-based buffer overflow in the gdk_pixbuf_flip function in ...)
+	{DLA-450-1}
 	- gdk-pixbuf 2.32.0-1
 	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=958963
 	NOTE: This was fixed by one of the commits between 2.31.6 and 2.32.0.
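Review bot: CVE-2015-7552 gets {DLA-450-1}, yet the entry's NOTE still says only "This was fixed by one of the commits between 2.31.6 and 2.32.0." With an advisory now issued, the specific commit that was backported should be known; recording it in a NOTE would let others verify the fix for gdk_pixbuf_flip instead of searching the whole commit range.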
@@ -20858,11 +20863,13 @@
 	RESERVED
 CVE-2015-5727 [Excess memory allocation in BER decoder]
 	RESERVED
+	{DLA-449-1}
 	- botan1.10 1.10.10-1
 	NOTE: Fixed in 1.11.19 and 1.10.10, affected all previous versions of 1.10 and 1.11
 	NOTE: http://botan.randombit.net/security.html
 CVE-2015-5726 [Crash in BER decoder]
 	RESERVED
+	{DLA-449-1}
 	- botan1.10 1.10.10-1
 	NOTE: Fixed in 1.11.19 and 1.10.10, affected all previous versions of 1.10 and 1.11
 	NOTE: http://botan.randombit.net/security.html
@@ -20870,6 +20877,7 @@
 	RESERVED
 CVE-2014-9742 [Insufficient randomness in Miller-Rabin primality check]
 	RESERVED
+	{DLA-449-1}
 	- botan1.10 1.10.8-1
 	NOTE: Introduced in 1.8.3, fixed in 1.10.8 and 1.11.9
 	NOTE: http://botan.randombit.net/security.html



