[Secure-testing-commits] r47453 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Mon Dec 26 19:10:57 UTC 2016


Author: jmm
Date: 2016-12-26 19:10:57 +0000 (Mon, 26 Dec 2016)
New Revision: 47453

Modified:
   data/CVE/list
Log:
mark libdata-uuid-perl as unimportant
drop socat temp entry, (correctly) denied by MITRE


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-12-26 19:09:29 UTC (rev 47452)
+++ data/CVE/list	2016-12-26 19:10:57 UTC (rev 47453)
@@ -33747,13 +33747,6 @@
 	NOTE: https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release/
 	NOTE: https://core.trac.wordpress.org/changeset/36435
 	NOTE: http://www.openwall.com/lists/oss-security/2016/02/04/4
-CVE-2016-XXXX [Socat security advisory 8 - Stack overflow in parser]
-	- socat 1.7.3.1-1 (bug #813535)
-	[jessie] - socat <no-dsa> (Minor issue)
-	[wheezy] - socat <no-dsa> (Minor issue)
-	[squeeze] - socat <no-dsa> (Minor issue)
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/02/01/5
-	NOTE: http://www.dest-unreach.org/socat/contrib/socat-secadv8.html
 CVE-2016-2217 [Socat security advisory 7 - Created new 2048bit DH modulus]
 	RESERVED
 	- socat 1.7.3.1-1 (bug #813536)
@@ -99916,9 +99909,8 @@
 	[wheezy] - nova <no-dsa> (Minor issue)
 CVE-2013-4184 [symlink attacks]
 	RESERVED
-	- libdata-uuid-perl <unfixed> (low; bug #718949)
-	[jessie] - libdata-uuid-perl <no-dsa> (Rendered non-exploitable by kernel hardening)
-	[wheezy] - libdata-uuid-perl <no-dsa> (Rendered non-exploitable by kernel hardening)
+	- libdata-uuid-perl <unfixed> (unimportant; bug #718949)
+	NOTE: Neutralised by kernel temp hardening
 CVE-2013-4183 (The clear_volume function in LVMVolumeDriver driver in OpenStack ...)
 	- cinder 2013.1.2-4 (bug #719010)
 CVE-2013-4182 (app/controllers/api/v1/hosts_controller.rb in Foreman before 1.2.2 ...)




More information about the Secure-testing-commits mailing list