[Secure-testing-commits] r39033 - in data: . CVE DLA
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Jan 20 08:10:33 UTC 2016
Author: carnil
Date: 2016-01-20 08:10:33 +0000 (Wed, 20 Jan 2016)
New Revision: 39033
Modified:
data/CVE/list
data/DLA/list
data/next-oldstable-point-update.txt
data/next-point-update.txt
Log:
CVE-2015-8777 assigned for glibc
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-20 08:07:11 UTC (rev 39032)
+++ data/CVE/list 2016-01-20 08:10:33 UTC (rev 39033)
@@ -9980,16 +9980,15 @@
RESERVED
- ruby-devise-two-factor 2.0.0-1 (bug #798466)
NOTE: http://www.openwall.com/lists/oss-security/2015/09/06/2
-CVE-2015-XXXX [Glibc Pointer guarding weakness]
+CVE-2015-8777 [Glibc Pointer guarding weakness]
- glibc 2.21-1 (bug #798316; bug #801691)
[jessie] - glibc <no-dsa> (Minor issue)
- eglibc <removed>
[wheezy] - eglibc <no-dsa> (Minor issue)
[squeeze] - eglibc 2.11.3-4+deb6u7
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/09/05/8
+ NOTE: http://www.openwall.com/lists/oss-security/2015/09/05/8
NOTE: Upstream bug https://sourceware.org/bugzilla/show_bug.cgi?id=18928
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=a014cecd82b71b70a6a843e250e06b541ad524f7
- NOTE: Added workaround entry for DLA-316-1 until CVE assigned.
CVE-2015-6815 [Qemu: net: e1000 infinite loop issue]
RESERVED
{DSA-3362-1 DSA-3361-1}
Modified: data/DLA/list
===================================================================
--- data/DLA/list 2016-01-20 08:07:11 UTC (rev 39032)
+++ data/DLA/list 2016-01-20 08:10:33 UTC (rev 39033)
@@ -237,7 +237,7 @@
{CVE-2014-9638 CVE-2014-9639 CVE-2014-9640 CVE-2015-6749}
[squeeze] - vorbis-tools 1.4.0-1+deb6u1
[27 Sep 2015] DLA-316-1 eglibc - security update
- {CVE-2014-8121}
+ {CVE-2014-8121 CVE-2015-8777}
[squeeze] - eglibc 2.11.3-4+deb6u7
[26 Sep 2015] DLA-315-1 nss - security update
{CVE-2015-2721 CVE-2015-2730}
Modified: data/next-oldstable-point-update.txt
===================================================================
--- data/next-oldstable-point-update.txt 2016-01-20 08:07:11 UTC (rev 39032)
+++ data/next-oldstable-point-update.txt 2016-01-20 08:10:33 UTC (rev 39033)
@@ -27,7 +27,7 @@
[wheezy] - postgresql-9.1 9.1.19-0+deb7u1
CVE-2015-XXXX [multiple overflows in strxfrm()]
[wheezy] - eglibc 2.13-38+deb7u9
-CVE-2015-XXXX [Glibc Pointer guarding weakness]
+CVE-2015-8777 [Glibc Pointer guarding weakness]
[wheezy] - eglibc 2.13-38+deb7u9
CVE-2015-XXXX [potential application crash due to overread in fnmatch]
[wheezy] - eglibc 2.13-38+deb7u9
Modified: data/next-point-update.txt
===================================================================
--- data/next-point-update.txt 2016-01-20 08:07:11 UTC (rev 39032)
+++ data/next-point-update.txt 2016-01-20 08:10:33 UTC (rev 39033)
@@ -83,7 +83,7 @@
[jessie] - glibc 2.19-18+deb8u2
CVE-2014-8121
[jessie] - glibc 2.19-18+deb8u2
-CVE-2015-XXXX [Glibc Pointer guarding weakness]
+CVE-2015-8777 [Glibc Pointer guarding weakness]
[jessie] - glibc 2.19-18+deb8u2
CVE-2015-XXXX [multiple overflows in strxfrm()]
[jessie] - glibc 2.19-18+deb8u2
More information about the Secure-testing-commits
mailing list