[Secure-testing-commits] r47080 - data/CVE
Markus Koschany
apo at moszumanska.debian.org
Thu Dec 15 00:53:46 UTC 2016
Author: apo
Date: 2016-12-15 00:53:45 +0000 (Thu, 15 Dec 2016)
New Revision: 47080
Modified:
data/CVE/list
Log:
Mark all open bluez CVE as <no-dsa> for Wheezy because
the real-life impact for users is minimal. This is a minor issue.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-12-14 23:49:56 UTC (rev 47079)
+++ data/CVE/list 2016-12-15 00:53:45 UTC (rev 47080)
@@ -128,10 +128,12 @@
CVE-2016-9918 (In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" ...)
- bluez <unfixed> (bug #847837)
[jessie] - bluez <no-dsa> (Minor issue)
+ [wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68898.html
CVE-2016-9917 (In BlueZ 5.42, a buffer overflow was observed in "read_n" function in ...)
- bluez <unfixed> (bug #847837)
[jessie] - bluez <no-dsa> (Minor issue)
+ [wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
CVE-2016-9906
RESERVED
@@ -7458,34 +7460,42 @@
CVE-2016-9804 (In BlueZ 5.42, a buffer overflow was observed in "commands_dump" ...)
- bluez <unfixed> (bug #847837)
[jessie] - bluez <no-dsa> (Minor issue)
+ [wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
CVE-2016-9803 (In BlueZ 5.42, an out-of-bounds read was observed in "le_meta_ev_dump" ...)
- bluez <unfixed> (bug #847837)
[jessie] - bluez <no-dsa> (Minor issue)
+ [wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
CVE-2016-9802 (In BlueZ 5.42, a buffer over-read was identified in "l2cap_packet" ...)
- bluez <unfixed> (bug #847837)
[jessie] - bluez <no-dsa> (Minor issue)
+ [wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68898.html
CVE-2016-9801 (In BlueZ 5.42, a buffer overflow was observed in "set_ext_ctrl" ...)
- bluez <unfixed> (bug #847837)
[jessie] - bluez <no-dsa> (Minor issue)
+ [wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
CVE-2016-9800 (In BlueZ 5.42, a buffer overflow was observed in "pin_code_reply_dump" ...)
- bluez <unfixed> (bug #847837)
[jessie] - bluez <no-dsa> (Minor issue)
+ [wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
CVE-2016-9799 (In BlueZ 5.42, a buffer overflow was observed in "pklg_read_hci" ...)
- bluez <unfixed> (bug #847837)
[jessie] - bluez <no-dsa> (Minor issue)
+ [wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68898.html
CVE-2016-9798 (In BlueZ 5.42, a use-after-free was identified in "conf_opt" function ...)
- bluez <unfixed> (bug #847837)
[jessie] - bluez <no-dsa> (Minor issue)
+ [wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
CVE-2016-9797 (In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" function ...)
- bluez <unfixed> (bug #847837)
[jessie] - bluez <no-dsa> (Minor issue)
+ [wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
CVE-2016-9794 [Linux kernel: ALSA: use-after-free in,kill_fasync]
RESERVED
More information about the Secure-testing-commits
mailing list