[Secure-testing-commits] r46983 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Dec 12 08:23:02 UTC 2016
Author: carnil
Date: 2016-12-12 08:23:02 +0000 (Mon, 12 Dec 2016)
New Revision: 46983
Modified:
data/CVE/list
Log:
Mark bluez as no-dsa, need to fill bugreport
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-12-12 06:34:56 UTC (rev 46982)
+++ data/CVE/list 2016-12-12 08:23:02 UTC (rev 46983)
@@ -32,9 +32,11 @@
NOTE: CVE for the "'cirrus_get_bpp' returns zero(0), which could lead to a divide by zero" issue.
CVE-2016-9918 (In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" ...)
- bluez <unfixed>
+ [jessie] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68898.html
CVE-2016-9917 (In BlueZ 5.42, a buffer overflow was observed in "read_n" function in ...)
- bluez <unfixed>
+ [jessie] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
CVE-2016-9906
RESERVED
@@ -7296,27 +7298,35 @@
RESERVED
CVE-2016-9804 (In BlueZ 5.42, a buffer overflow was observed in "commands_dump" ...)
- bluez <unfixed>
+ [jessie] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
CVE-2016-9803 (In BlueZ 5.42, an out-of-bounds read was observed in "le_meta_ev_dump" ...)
- bluez <unfixed>
+ [jessie] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
CVE-2016-9802 (In BlueZ 5.42, a buffer over-read was identified in "l2cap_packet" ...)
- bluez <unfixed>
+ [jessie] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68898.html
CVE-2016-9801 (In BlueZ 5.42, a buffer overflow was observed in "set_ext_ctrl" ...)
- bluez <unfixed>
+ [jessie] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
CVE-2016-9800 (In BlueZ 5.42, a buffer overflow was observed in "pin_code_reply_dump" ...)
- bluez <unfixed>
+ [jessie] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
CVE-2016-9799 (In BlueZ 5.42, a buffer overflow was observed in "pklg_read_hci" ...)
- bluez <unfixed>
+ [jessie] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68898.html
CVE-2016-9798 (In BlueZ 5.42, a use-after-free was identified in "conf_opt" function ...)
- bluez <unfixed>
+ [jessie] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
CVE-2016-9797 (In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" function ...)
- bluez <unfixed>
+ [jessie] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
CVE-2016-9794 [Linux kernel: ALSA: use-after-free in,kill_fasync]
RESERVED
More information about the Secure-testing-commits
mailing list