[Secure-testing-commits] r39873 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Feb 24 05:29:42 UTC 2016
Author: carnil
Date: 2016-02-24 05:29:42 +0000 (Wed, 24 Feb 2016)
New Revision: 39873
Modified:
data/CVE/list
Log:
Add CVE-2016-2550/linux
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-23 21:24:16 UTC (rev 39872)
+++ data/CVE/list 2016-02-24 05:29:42 UTC (rev 39873)
@@ -1,3 +1,10 @@
+CVE-2016-2550 [unix: correctly track in-flight fds in sending process user_struct]
+ - linux <unfixed>
+ - linux-2.6 <removed>
+ NOTE: Upstream fix: https://git.kernel.org/linus/415e3d3e90ce9e18727e8843ae343eda5a58fad6 (v4.5-rc4)
+ NOTE: Introduced by: https://git.kernel.org/linus/712f4aad406bb1ed67f3f98d04c044191f0ff593 (v4.5-rc1)
+ NOTE: Technically wheezy-security and squeeze-lts are not affected by this CVE since the fix for
+ NOTE: addressing CVE-2013-4312 was not applied.
CVE-2016-2537 (The is-my-json-valid package before 2.12.4 for Node.js has an ...)
TODO: check
CVE-2016-2536 (Multiple use-after-free vulnerabilities in SAP 3D Visual Enterprise ...)
More information about the Secure-testing-commits
mailing list