[Secure-testing-commits] r40029 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Sun Feb 28 21:10:12 UTC 2016
Author: sectracker
Date: 2016-02-28 21:10:12 +0000 (Sun, 28 Feb 2016)
New Revision: 40029
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-28 21:10:06 UTC (rev 40028)
+++ data/CVE/list 2016-02-28 21:10:12 UTC (rev 40029)
@@ -735,6 +735,7 @@
NOTE: https://github.com/kamailio/kamailio/commit/f50c9c853e7809810099c970780c30b0765b0643
CVE-2016-2384 [Double-free in snd-usbmidi-lib triggered by invalid USB descriptor]
RESERVED
+ {DLA-439-1}
- linux 4.4.2-1
- linux-2.6 <removed>
NOTE: Fixed by: https://git.kernel.org/linus/07d86ca93db7e5cdf4743564d98292042ec21af7 (v4.5-rc4)
@@ -1041,6 +1042,7 @@
NOT-FOR-US: Umbraco
CVE-2015-8812 [Flaw in CXGB3 driver]
RESERVED
+ {DLA-439-1}
- linux 4.4.2-1
- linux-2.6 <removed>
NOTE: http://www.openwall.com/lists/oss-security/2016/02/11/1
@@ -1522,10 +1524,12 @@
NOTE: http://trac.roundcube.net/ticket/1490417 - mentions 1.0 not vulnerable, verified code not present in squeeze
NOTE: http://trac.roundcube.net/changeset/b782815dac/github
CVE-2015-8791 (The EbmlElement::ReadCodedSizeValue function in libEBML before 1.3.3 ...)
+ {DLA-438-1}
- libebml 1.3.3-1
NOTE: https://lists.matroska.org/pipermail/matroska-users/2015-October/006985.html
NOTE: https://github.com/Matroska-Org/libebml/commit/24e5cd7c666b1ddd85619d60486db0a5481c1b90
CVE-2015-8790 (The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 ...)
+ {DLA-438-1}
- libebml 1.3.3-1
NOTE: https://lists.matroska.org/pipermail/matroska-users/2015-October/006985.html
NOTE: https://github.com/Matroska-Org/libebml/commit/ababb64e0c792ad2a314245233db0833ba12036b
@@ -1746,22 +1750,27 @@
RESERVED
CVE-2016-2058
RESERVED
+ {DSA-3495-1}
- xymon 4.3.25-1
NOTE: http://lists.xymon.com/pipermail/xymon/2016-February/042986.html
CVE-2016-2057 [Incorrect permissions on IPC queues used by the xymond daemon can bypass IP access filtering]
RESERVED
+ {DSA-3495-1}
- xymon 4.3.25-1
NOTE: http://lists.xymon.com/pipermail/xymon/2016-February/042986.html
CVE-2016-2056 [Shell command injection in the "useradm" and "chpasswd" web applications]
RESERVED
+ {DSA-3495-1}
- xymon 4.3.25-1
NOTE: http://lists.xymon.com/pipermail/xymon/2016-February/042986.html
CVE-2016-2055 [Access to possibly confidential files in the Xymon configuration directory]
RESERVED
+ {DSA-3495-1}
- xymon 4.3.25-1
NOTE: http://lists.xymon.com/pipermail/xymon/2016-February/042986.html
CVE-2016-2054 [Buffer overflow in xymond handling of "config" command]
RESERVED
+ {DSA-3495-1}
- xymon 4.3.25-1
NOTE: http://lists.xymon.com/pipermail/xymon/2016-February/042986.html
CVE-2016-2052 (Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used ...)
@@ -3261,6 +3270,7 @@
CVE-2016-1527
RESERVED
CVE-2016-1526 (The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in ...)
+ {DSA-3491-1 DSA-3479-1 DSA-3477-1}
- graphite2 1.3.5-1
NOTE: http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html
NOTE: Talos Blog mentions this CVE, but it is not listed in
@@ -5657,6 +5667,7 @@
NOTE: https://github.com/python-pillow/Pillow/commit/bcaaf97f4ff25b3b5b9e8efeda364e17e80858ec (3.1.1)
CVE-2016-0774 [Incomplete fix for CVE-2015-1805 for kernel versions < 3.16]
RESERVED
+ {DLA-439-1}
- linux 3.16.2-2
- linux-2.6 <removed>
NOTE: https://rhn.redhat.com/errata/RHSA-2016-0103.html
More information about the Secure-testing-commits
mailing list