[Secure-testing-commits] r43742 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Wed Aug 3 09:10:12 UTC 2016 

Author: sectracker
Date: 2016-08-03 09:10:12 +0000 (Wed, 03 Aug 2016)
New Revision: 43742

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-08-03 09:07:51 UTC (rev 43741)
+++ data/CVE/list	2016-08-03 09:10:12 UTC (rev 43742)
@@ -667,6 +667,7 @@
 CVE-2016-6253
 	RESERVED
 CVE-2016-1000212 [Mitigation for HTTPoxy vulnerability]
+	{DLA-583-1}
 	- lighttpd <unfixed> (bug #832571)
 	NOTE: https://redmine.lighttpd.net/projects/lighttpd/repository/revisions/779c133c16f9af168b004dce7a2a64f16c1cb3a4/diff
 	NOTE: CVE assigned for the mitigation to identify the fix. But it is not a vulnerability in lighttpd itself.
@@ -893,6 +894,7 @@
 	NOTE: Fixed in 1.0.16 of uClibc-ng
 CVE-2016-6263 [stringprep_utf8_nfkc_normalize reject invalid UTF-8]
 	RESERVED
+	{DLA-582-1}
 	- libidn 1.33-1
 	NOTE: https://lists.gnu.org/archive/html/help-libidn/2016-07/msg00009.html
 	NOTE: Test / Fix: http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=1fbee57ef3c72db2206dd87e4162108b2f425555 (libidn-1-33)
@@ -905,6 +907,7 @@
 	NOTE: https://github.com/perl5-dbi/DBD-mysql/commit/cf0aa7751f6ef8445e9310a64b14dc81460ca156
 CVE-2015-8948 [Solve out-of-bounds-read when reading one zero byte as input]
 	RESERVED
+	{DLA-582-1}
 	- libidn 1.33-1
 	NOTE: Fix: http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=570e68886c41c2e765e6218cb317d9a9a447a041 (libidn-1-33)
 	NOTE: When fixing this issue, the followup fix http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=5e3cb9c7b5bf0ce665b9d68f5ddf095af5c9ba60
@@ -917,6 +920,7 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2016/07/20/6
 CVE-2016-6261 [out-of-bounds stack read in idna_to_ascii_4i]
 	RESERVED
+	{DLA-582-1}
 	- libidn 1.33-1
 	NOTE: https://lists.gnu.org/archive/html/help-libidn/2016-07/msg00009.html
 	NOTE: Test: http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=9a1a7e15d0706634971364493fbb06e77e74726c (libidn-1-33)
@@ -7224,7 +7228,7 @@
 CVE-2016-4325 (Lantronix xPrintServer devices with firmware before 5.0.1-65 have ...)
 	NOT-FOR-US: Lantronix xPrintServer
 CVE-2016-4324 (Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote ...)
-	{DSA-3608-1}
+	{DSA-3608-1 DLA-581-1}
 	- libreoffice 1:5.1.4~rc1-1
 	NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/
 	NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0126/

More information about the Secure-testing-commits mailing list