[Secure-testing-commits] r47447 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Dec 26 18:11:27 UTC 2016
Author: jmm
Date: 2016-12-26 18:11:27 +0000 (Mon, 26 Dec 2016)
New Revision: 47447
Modified:
data/CVE/list
Log:
drop older gvfs issue which never got a a CVE ID
this is a plain bug, a malicious WebDAV could do more worse to the client
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-12-26 16:15:57 UTC (rev 47446)
+++ data/CVE/list 2016-12-26 18:11:27 UTC (rev 47447)
@@ -43352,12 +43352,6 @@
[wheezy] - audiofile <no-dsa> (Minor issue)
[squeeze] - audiofile <not-affected> (Vulnerable code introduced later)
NOTE: http://www.openwall.com/lists/oss-security/2015/10/06/2
-CVE-2015-XXXX [gvfsd-dav: null pointer dereference if server response is not escaped]
- - gvfs 1.23.90-1
- [jessie] - gvfs <no-dsa> (Minor issue)
- [wheezy] - gvfs <no-dsa> (Minor issue)
- [squeeze] - gvfs <no-dsa> (Minor issue)
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/10/06/3
CVE-2015-7705 [An attacker can forge packets that claim to be from the target and send them to servers often enough that a server that implements KoD rate limiting will send the target machine a KoD response to attempt to reduce the rate of incoming packets]
RESERVED
- ntp 1:4.2.8p4+dfsg-3
More information about the Secure-testing-commits
mailing list