[Secure-testing-commits] r46933 - data/CVE
Nicholas Luedtke
nluedtke-guest at moszumanska.debian.org
Fri Dec 9 15:19:55 UTC 2016
Author: nluedtke-guest
Date: 2016-12-09 15:19:55 +0000 (Fri, 09 Dec 2016)
New Revision: 46933
Modified:
data/CVE/list
Log:
Add two Asterisk issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-12-09 09:57:47 UTC (rev 46932)
+++ data/CVE/list 2016-12-09 15:19:55 UTC (rev 46933)
@@ -1,3 +1,11 @@
+CVE-2016-XXXX [AST-2016-008]
+ - asterisk <unfixed>
+ NOTE: http://downloads.asterisk.org/pub/security/AST-2016-008.html
+ TODO: check affected versions
+CVE-2016-XXXX [AST-2016-009]
+ - asterisk <unfixed>
+ NOTE: http://downloads.asterisk.org/pub/security/AST-2016-009.html
+ TODO: check affected versions
CVE-2016-9923 [char: use after free issue in char backend]
- qemu <unfixed>
- qemu-kvm <removed>
@@ -17,7 +25,7 @@
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1334398
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=4299b90e9ba9ce5ca9024572804ba751aa1a7e70 (v2.8.0-rc3)
NOTE: CVE for the "'cirrus_get_bpp' returns zero(0), which could lead to a divide by zero" issue.
-CVE-2016-9918 (In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" ...)
+CVE-2016-9918 (In BlueZ 5.42, an out-of-bounds read fwas identified in "packet_hexdump" ...)
- bluez <unfixed>
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68898.html
CVE-2016-9917 (In BlueZ 5.42, a buffer overflow was observed in "read_n" function in ...)
More information about the Secure-testing-commits
mailing list