[Secure-testing-commits] r39732 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Tue Feb 16 21:10:13 UTC 2016
Author: sectracker
Date: 2016-02-16 21:10:13 +0000 (Tue, 16 Feb 2016)
New Revision: 39732
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-16 20:03:04 UTC (rev 39731)
+++ data/CVE/list 2016-02-16 21:10:13 UTC (rev 39732)
@@ -499,6 +499,7 @@
RESERVED
CVE-2014-9765 [Buffer overflow]
RESERVED
+ {DLA-417-1}
- xdelta3 3.0.8-dfsg-1.1 (bug #814067)
NOTE: https://github.com/jmacd/xdelta-devel/commit/ef93ff74203e030073b898c05e8b4860b5d09ef2
NOTE: http://www.openwall.com/lists/oss-security/2016/02/08/1
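Review bot: The log for this revision says only "automatic update", so the added `{DLA-417-1}` line under CVE-2014-9765 is the sole record of why the entry changed. Consider having the update script name the advisories it cross-referenced in the log message. Also confirm that DLA-417-1 lists CVE-2014-9765 for xdelta3, since the visible entry carries just the unprefixed package line `- xdelta3 3.0.8-dfsg-1.1 (bug #814067)`.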
@@ -913,14 +914,14 @@
NOTE: https://github.com/python-pillow/Pillow/commit/ae453aa18b66af54e7ff716f4ccb33adca60afd4
CVE-2016-2221 [open redirect vulnerability]
RESERVED
- {DSA-3472-1}
+ {DSA-3472-1 DLA-418-1}
- wordpress 4.4.2+dfsg-1 (bug #813697)
NOTE: https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release/
NOTE: https://core.trac.wordpress.org/changeset/36444
NOTE: http://www.openwall.com/lists/oss-security/2016/02/04/4
CVE-2016-2222 [SSRF for certain local URIs]
RESERVED
- {DSA-3472-1}
+ {DSA-3472-1 DLA-418-1}
- wordpress 4.4.2+dfsg-1 (bug #813697)
NOTE: https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release/
NOTE: https://core.trac.wordpress.org/changeset/36435
@@ -2095,19 +2096,19 @@
RESERVED
CVE-2015-8779 [catopen() Multiple unbounded stack allocations]
RESERVED
- {DLA-411-1}
+ {DSA-3481-1 DSA-3480-1 DLA-411-1}
- glibc 2.21-7 (bug #812455)
- eglibc <removed>
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=17905#c0
CVE-2015-8778 [hcreate((size_t)-1) should fail with ENOMEM]
RESERVED
- {DLA-411-1}
+ {DSA-3481-1 DSA-3480-1 DLA-411-1}
- glibc 2.21-8 (bug #812441)
- eglibc <removed>
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=18240
CVE-2015-8776 [Passing out of range data to strftime() causes a segfault]
RESERVED
- {DLA-411-1}
+ {DSA-3481-1 DSA-3480-1 DLA-411-1}
- glibc 2.21-7 (bug #812445)
- eglibc <removed>
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=18985
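Review bot: All three entries in this hunk (CVE-2015-8779, CVE-2015-8778, CVE-2015-8776) gain both `DSA-3481-1` and `DSA-3480-1` in one step, yet the visible lines show no release-specific entry and the `- eglibc <removed>` lines carry no version. Please verify that each of the two advisories names all three CVEs. The unprefixed glibc versions already differ between them (2.21-7 for CVE-2015-8779 and CVE-2015-8776, 2.21-8 for CVE-2015-8778), so an identical tag set on all three is worth a second look.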
@@ -10074,7 +10075,7 @@
NOTE: https://bugs.launchpad.net/bugs/1524274
CVE-2015-7547 [glibc getaddrinfo stack-based buffer overflow]
RESERVED
- {DLA-416-1}
+ {DSA-3481-1 DSA-3480-1 DLA-416-1}
- glibc 2.21-8
- eglibc <removed>
NOTE: https://googleonlinesecurity.blogspot.cz/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html
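Review bot: The `- glibc 2.21-8` line under CVE-2015-7547 has no bug reference, while the other glibc entries touched by this commit each carry one (for example `bug #812455`). With three advisories now cross-referenced here, add the bug number to that line if a tracking bug exists, so the entry can be traced the same way as its neighbours.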
@@ -12000,7 +12001,7 @@
- ruby-devise-two-factor 2.0.0-1 (bug #798466)
NOTE: http://www.openwall.com/lists/oss-security/2015/09/06/2
CVE-2015-8777 (The process_envvars function in elf/rtld.c in the GNU C Library (aka ...)
- {DLA-316-1}
+ {DSA-3480-1 DLA-316-1}
- glibc 2.21-1 (bug #798316; bug #801691)
[jessie] - glibc 2.19-18+deb8u2
- eglibc <removed>
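Review bot: CVE-2015-8777 receives only `DSA-3480-1`, whereas the glibc entries in the two preceding hunks receive `DSA-3481-1 DSA-3480-1`. The existing `[jessie] - glibc 2.19-18+deb8u2` line suggests jessie was already handled, which would explain the omission, but the diff itself does not say so. Please confirm that leaving out DSA-3481-1 is intended; the same pattern recurs in the CVE-2015-1781 and CVE-2014-8121 hunks, which also have `[jessie]` lines and get only `DSA-3480-1`.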
@@ -26649,7 +26650,7 @@
- libssh2 1.4.3-4.1 (bug #780249)
NOTE: http://www.libssh2.org/adv_20150311.html
CVE-2015-1781 (Buffer overflow in the gethostbyname_r and other unspecified NSS ...)
- {DLA-230-1}
+ {DSA-3480-1 DLA-230-1}
[experimental] - glibc 2.21-0experimental1
- glibc 2.19-20 (bug #796105)
[jessie] - glibc 2.19-18+deb8u1
@@ -36646,7 +36647,7 @@
CVE-2014-8122 (Race condition in JBoss Weld before 2.2.8 and 3.x before 3.0.0 Alpha3 ...)
NOT-FOR-US: JBoss Weld
CVE-2014-8121 (DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in ...)
- {DLA-316-1}
+ {DSA-3480-1 DLA-316-1}
- glibc 2.21-1 (low; bug #779587)
[jessie] - glibc 2.19-18+deb8u2
- eglibc <removed> (low)