[Secure-testing-commits] r39715 - in data: . CVE

Tue Feb 16 14:07:02 UTC 2016

Author: carnil
Date: 2016-02-16 14:07:02 +0000 (Tue, 16 Feb 2016)
New Revision: 39715

Modified:
   data/CVE/list
   data/next-oldstable-point-update.txt
Log:
Merge eglibc entries which were previously sheduled for point update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2016-02-16 14:03:13 UTC (rev 39714)
+++ data/CVE/list	2016-02-16 14:07:02 UTC (rev 39715)
@@ -8764,7 +8764,7 @@
 CVE-2015-XXXX [multiple overflows in strxfrm()]
 	- glibc 2.21-1 (bug #803927)
 	[jessie] - glibc 2.19-18+deb8u2
-	[wheezy] - glibc <no-dsa> (Minor issue, will be fixed in a point release)
+	[wheezy] - eglibc 2.13-38+deb7u9
 	- eglibc <removed>
 	[squeeze] - eglibc 2.11.3-4+deb6u8
 	NOTE: workaround entry for DLA-350-1 until/if CVE assigned
@@ -11990,7 +11990,6 @@
 	- glibc 2.21-1 (bug #798316; bug #801691)
 	[jessie] - glibc 2.19-18+deb8u2
 	- eglibc <removed>
-	[wheezy] - eglibc <no-dsa> (Minor issue)
 	[squeeze] - eglibc 2.11.3-4+deb6u7
 	NOTE: http://www.openwall.com/lists/oss-security/2015/09/05/8
 	NOTE: Upstream bug https://sourceware.org/bugzilla/show_bug.cgi?id=18928
@@ -25815,7 +25814,7 @@
 	- glibc 2.21-1 (bug #779587)
 	[jessie] - glibc 2.19-18+deb8u2
 	- eglibc <removed>
-	[wheezy] - eglibc <no-dsa> (Minor issue)
+	[wheezy] - eglibc 2.13-38+deb7u9
 	[squeeze] - eglibc 2.11.3-4+deb6u7
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=18032
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=4a28f4d55a6cc33474c0792fe93b5942d81bf185
@@ -25913,7 +25912,7 @@
 	NOT-FOR-US: Acobot Live Chat & Contact Form plugin for WordPress
 CVE-2015-XXXX [_IO_wstr_overflow integer overflow]
 	- eglibc <removed>
-	[wheezy] - eglibc <no-dsa> (Minor issue)
+	[wheezy] - eglibc 2.13-38+deb7u9
 	- glibc 2.21-1 (bug #779587)
 	[jessie] - glibc 2.19-18+deb8u2
 	[squeeze] - eglibc 2.11.3-4+deb6u7
@@ -26641,7 +26640,6 @@
 	- glibc 2.19-20 (bug #796105)
 	[jessie] - glibc 2.19-18+deb8u1
 	- eglibc <removed>
-	[wheezy] - eglibc <no-dsa> (Can be fixed along with a future DSA)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=18287
 	NOTE: Upstream commit: https://sourceware.org/git/?p=glibc.git;a=commit;h=2959eda9272a03386
 CVE-2015-1780

Modified: data/next-oldstable-point-update.txt
===================================================================
--- data/next-oldstable-point-update.txt	2016-02-16 14:03:13 UTC (rev 39714)
+++ data/next-oldstable-point-update.txt	2016-02-16 14:07:02 UTC (rev 39715)
@@ -23,18 +23,6 @@
 	[wheezy] - sendmail 8.14.4-4+deb7u1
 CVE-2015-6526
 	[wheezy] - linux 3.2.71-1
-CVE-2015-XXXX [multiple overflows in strxfrm()]
-	[wheezy] - eglibc 2.13-38+deb7u9
-CVE-2015-8777 [Glibc Pointer guarding weakness]
-	[wheezy] - eglibc 2.13-38+deb7u9
-CVE-2015-XXXX [potential application crash due to overread in fnmatch]
-	[wheezy] - eglibc 2.13-38+deb7u9
-CVE-2015-XXXX [_IO_wstr_overflow integer overflow]
-	[wheezy] - eglibc 2.13-38+deb7u9
-CVE-2015-1781
-	[wheezy] - eglibc 2.13-38+deb7u9
-CVE-2014-8121
-	[wheezy] - eglibc 2.13-38+deb7u9
 CVE-2015-8026 [Heap overflow]
 	[wheezy] - exfat-utils 0.9.7-2+deb7u1
 	[wheezy] - fuse-exfat 0.9.7-2+deb7u1


