[Secure-testing-commits] r39033 - in data: . CVE DLA

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed Jan 20 08:10:33 UTC 2016 

Author: carnil
Date: 2016-01-20 08:10:33 +0000 (Wed, 20 Jan 2016)
New Revision: 39033

Modified:
   data/CVE/list
   data/DLA/list
   data/next-oldstable-point-update.txt
   data/next-point-update.txt
Log:
CVE-2015-8777 assigned for glibc

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-01-20 08:07:11 UTC (rev 39032)
+++ data/CVE/list	2016-01-20 08:10:33 UTC (rev 39033)
@@ -9980,16 +9980,15 @@
 	RESERVED
 	- ruby-devise-two-factor 2.0.0-1 (bug #798466)
 	NOTE: http://www.openwall.com/lists/oss-security/2015/09/06/2
-CVE-2015-XXXX [Glibc Pointer guarding weakness]
+CVE-2015-8777 [Glibc Pointer guarding weakness]
 	- glibc 2.21-1 (bug #798316; bug #801691)
 	[jessie] - glibc <no-dsa> (Minor issue)
 	- eglibc <removed>
 	[wheezy] - eglibc <no-dsa> (Minor issue)
 	[squeeze] - eglibc 2.11.3-4+deb6u7
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/09/05/8
+	NOTE: http://www.openwall.com/lists/oss-security/2015/09/05/8
 	NOTE: Upstream bug https://sourceware.org/bugzilla/show_bug.cgi?id=18928
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=a014cecd82b71b70a6a843e250e06b541ad524f7
-	NOTE: Added workaround entry for DLA-316-1 until CVE assigned.
 CVE-2015-6815 [Qemu: net: e1000 infinite loop issue]
 	RESERVED
 	{DSA-3362-1 DSA-3361-1}

Modified: data/DLA/list
===================================================================
--- data/DLA/list	2016-01-20 08:07:11 UTC (rev 39032)
+++ data/DLA/list	2016-01-20 08:10:33 UTC (rev 39033)
@@ -237,7 +237,7 @@
 	{CVE-2014-9638 CVE-2014-9639 CVE-2014-9640 CVE-2015-6749}
 	[squeeze] - vorbis-tools 1.4.0-1+deb6u1
 [27 Sep 2015] DLA-316-1 eglibc - security update
-	{CVE-2014-8121}
+	{CVE-2014-8121 CVE-2015-8777}
 	[squeeze] - eglibc 2.11.3-4+deb6u7
 [26 Sep 2015] DLA-315-1 nss - security update
 	{CVE-2015-2721 CVE-2015-2730}

Modified: data/next-oldstable-point-update.txt
===================================================================
--- data/next-oldstable-point-update.txt	2016-01-20 08:07:11 UTC (rev 39032)
+++ data/next-oldstable-point-update.txt	2016-01-20 08:10:33 UTC (rev 39033)
@@ -27,7 +27,7 @@
 	[wheezy] - postgresql-9.1 9.1.19-0+deb7u1
 CVE-2015-XXXX [multiple overflows in strxfrm()]
 	[wheezy] - eglibc 2.13-38+deb7u9
-CVE-2015-XXXX [Glibc Pointer guarding weakness]
+CVE-2015-8777 [Glibc Pointer guarding weakness]
 	[wheezy] - eglibc 2.13-38+deb7u9
 CVE-2015-XXXX [potential application crash due to overread in fnmatch]
 	[wheezy] - eglibc 2.13-38+deb7u9

Modified: data/next-point-update.txt
===================================================================
--- data/next-point-update.txt	2016-01-20 08:07:11 UTC (rev 39032)
+++ data/next-point-update.txt	2016-01-20 08:10:33 UTC (rev 39033)
@@ -83,7 +83,7 @@
 	[jessie] - glibc 2.19-18+deb8u2
 CVE-2014-8121
 	[jessie] - glibc 2.19-18+deb8u2
-CVE-2015-XXXX [Glibc Pointer guarding weakness]
+CVE-2015-8777 [Glibc Pointer guarding weakness]
 	[jessie] - glibc 2.19-18+deb8u2
 CVE-2015-XXXX [multiple overflows in strxfrm()]
 	[jessie] - glibc 2.19-18+deb8u2

More information about the Secure-testing-commits mailing list