[Secure-testing-commits] r44128 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Aug 25 06:53:16 UTC 2016
Author: carnil
Date: 2016-08-25 06:53:16 +0000 (Thu, 25 Aug 2016)
New Revision: 44128
Modified:
data/CVE/list
Log:
Add separate entry for cracklib2 issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-08-25 05:53:12 UTC (rev 44127)
+++ data/CVE/list 2016-08-25 06:53:16 UTC (rev 44128)
@@ -2031,6 +2031,11 @@
- foreman <itp> (bug #663101)
CVE-2016-6319 (Cross-site scripting (XSS) vulnerability in app/helpers/form_helper.rb ...)
- foreman <itp> (bug #663101)
+CVE-2016-XXXX [Buffer overflow processing long words]
+ - cracklib2 <unfixed> (bug #835386)
+ [jessie] - cracklib2 <no-dsa> (Minor issue)
+ NOTE: SuSE Patch: https://build.opensuse.org/package/view_file/Base:System/cracklib/0004-overflow-processing-long-words.patch
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/23/8
CVE-2016-6318 [Stack-based buffer overflow when parsing large GECOS field]
RESERVED
{DLA-599-1}
More information about the Secure-testing-commits
mailing list