[Secure-testing-commits] r39358 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Sat Jan 30 21:10:12 UTC 2016
Author: sectracker
Date: 2016-01-30 21:10:12 +0000 (Sat, 30 Jan 2016)
New Revision: 39358
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-30 20:04:08 UTC (rev 39357)
+++ data/CVE/list 2016-01-30 21:10:12 UTC (rev 39358)
@@ -173,6 +173,7 @@
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-6/
CVE-2016-2041
RESERVED
+ {DLA-406-1}
- phpmyadmin 4:4.5.4-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-5/
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/fe62b69a5b032de8e1d9d0a04456c1cecf46428c
@@ -183,6 +184,7 @@
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-3/
CVE-2016-2039
RESERVED
+ {DLA-406-1}
- phpmyadmin 4:4.5.4-1
NOTE: https://www.phpmyadmin.net/security/PMASA-2016-2/
NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/6fe54dfa000dd6f43f237e859781fad7111ac1bd
@@ -212,24 +214,28 @@
NOTE: Introduced in https://git.kernel.org/linus/3d167d68e3805ee45ed2e8412fc03ed919c54c24 (v3.13-rc1)
CVE-2015-8783 [other out-of-bounds reads]
RESERVED
+ {DLA-405-1}
- tiff 4.0.6-1
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2522
NOTE: Commit: https://github.com/vadz/libtiff/commit/aaab5c3c9d2a2c6984f23ccbc79702610439bc65
NOTE: http://www.openwall.com/lists/oss-security/2016/01/24/3
CVE-2015-8782 [other out-of-bounds writes]
RESERVED
+ {DLA-405-1}
- tiff 4.0.6-1
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2522
NOTE: Commit: https://github.com/vadz/libtiff/commit/aaab5c3c9d2a2c6984f23ccbc79702610439bc65
NOTE: http://www.openwall.com/lists/oss-security/2016/01/24/3
CVE-2015-8781 [an out of bounds write at tif_luv.c:208]
RESERVED
+ {DLA-405-1}
- tiff 4.0.6-1
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2522#0
NOTE: Commit: https://github.com/vadz/libtiff/commit/aaab5c3c9d2a2c6984f23ccbc79702610439bc65
NOTE: http://www.openwall.com/lists/oss-security/2016/01/24/3
CVE-2015-8784 [potential out-of-bound write in NeXTDecode()]
RESERVED
+ {DLA-405-1}
- tiff 4.0.6-1
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2508
NOTE: Can be reproduced with tiff compiled with AddressSanitizer
@@ -2146,11 +2152,11 @@
NOTE: Affects: >= 2014.2 <= 2015.1.2, ==12.0.0
CVE-2015-8748 [Prevent regex injection in rights management]
RESERVED
- {DLA-403-1}
+ {DSA-3462-1 DLA-403-1}
- radicale 1.1.1-1 (bug #809920)
CVE-2015-8747 [The multifilesystem backend allows access to arbitrary files on all platforms]
RESERVED
- {DLA-403-1}
+ {DSA-3462-1 DLA-403-1}
- radicale 1.1.1-1 (bug #809920)
CVE-2015-8746 [when NFSv4 migration is executed, kernel oops occurs at NFS client]
RESERVED
@@ -3954,6 +3960,7 @@
RESERVED
CVE-2016-0756 [insecure dialback key generation/validation algorithm]
RESERVED
+ {DLA-407-1}
- prosody 0.9.10-1
NOTE: http://blog.prosody.im/prosody-0-9-10-released/
NOTE: https://prosody.im/security/advisory_20160127/
@@ -16295,7 +16302,7 @@
NOTE: For ICU note that the original fix causes additional problems:
NOTE: https://ssl.icu-project.org/trac/ticket/12020#comment:4
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1298906#c1
- NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1273318
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1273318
NOTE: see also CVE-2016-0494, introduced in through the fix for this CVE.
NOTE: patch: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/dbb4e2bdfa9e
CVE-2015-4843 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
@@ -26266,7 +26273,7 @@
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2c4832d30939b45c05757f0a05128ce64c4cacc7
NOTE: https://code.google.com/p/google-security-research/issues/detail?id=151
CVE-2014-9674 (The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType ...)
- {DLA-185-1}
+ {DSA-3461-1 DLA-185-1}
- freetype 2.5.2-3 (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=153
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=240c94a185cd8dae7d03059abec8a5662c35ecd3
More information about the Secure-testing-commits
mailing list