[Secure-testing-commits] r39358 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Sat Jan 30 21:10:12 UTC 2016


Author: sectracker
Date: 2016-01-30 21:10:12 +0000 (Sat, 30 Jan 2016)
New Revision: 39358

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-01-30 20:04:08 UTC (rev 39357)
+++ data/CVE/list	2016-01-30 21:10:12 UTC (rev 39358)
@@ -173,6 +173,7 @@
 	NOTE: https://www.phpmyadmin.net/security/PMASA-2016-6/
 CVE-2016-2041
 	RESERVED
+	{DLA-406-1}
 	- phpmyadmin 4:4.5.4-1
 	NOTE: https://www.phpmyadmin.net/security/PMASA-2016-5/
 	NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/fe62b69a5b032de8e1d9d0a04456c1cecf46428c
@@ -183,6 +184,7 @@
 	NOTE: https://www.phpmyadmin.net/security/PMASA-2016-3/
 CVE-2016-2039
 	RESERVED
+	{DLA-406-1}
 	- phpmyadmin 4:4.5.4-1
 	NOTE: https://www.phpmyadmin.net/security/PMASA-2016-2/
 	NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/6fe54dfa000dd6f43f237e859781fad7111ac1bd
@@ -212,24 +214,28 @@
 	NOTE: Introduced in https://git.kernel.org/linus/3d167d68e3805ee45ed2e8412fc03ed919c54c24 (v3.13-rc1)
 CVE-2015-8783 [other out-of-bounds reads]
 	RESERVED
+	{DLA-405-1}
 	- tiff 4.0.6-1
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2522
 	NOTE: Commit: https://github.com/vadz/libtiff/commit/aaab5c3c9d2a2c6984f23ccbc79702610439bc65
 	NOTE: http://www.openwall.com/lists/oss-security/2016/01/24/3
 CVE-2015-8782 [other out-of-bounds writes]
 	RESERVED
+	{DLA-405-1}
 	- tiff 4.0.6-1
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2522
 	NOTE: Commit: https://github.com/vadz/libtiff/commit/aaab5c3c9d2a2c6984f23ccbc79702610439bc65
 	NOTE: http://www.openwall.com/lists/oss-security/2016/01/24/3
 CVE-2015-8781 [an out of bounds write at tif_luv.c:208]
 	RESERVED
+	{DLA-405-1}
 	- tiff 4.0.6-1
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2522#0
 	NOTE: Commit: https://github.com/vadz/libtiff/commit/aaab5c3c9d2a2c6984f23ccbc79702610439bc65
 	NOTE: http://www.openwall.com/lists/oss-security/2016/01/24/3
 CVE-2015-8784 [potential out-of-bound write in NeXTDecode()]
 	RESERVED
+	{DLA-405-1}
 	- tiff 4.0.6-1
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2508
 	NOTE: Can be reproduced with tiff compiled with AddressSanitizer
@@ -2146,11 +2152,11 @@
 	NOTE: Affects: >= 2014.2 <= 2015.1.2, ==12.0.0
 CVE-2015-8748 [Prevent regex injection in rights management]
 	RESERVED
-	{DLA-403-1}
+	{DSA-3462-1 DLA-403-1}
 	- radicale 1.1.1-1 (bug #809920)
 CVE-2015-8747 [The multifilesystem backend allows access to arbitrary files on all platforms]
 	RESERVED
-	{DLA-403-1}
+	{DSA-3462-1 DLA-403-1}
 	- radicale 1.1.1-1 (bug #809920)
 CVE-2015-8746 [when NFSv4 migration is executed, kernel oops occurs at NFS client]
 	RESERVED
@@ -3954,6 +3960,7 @@
 	RESERVED
 CVE-2016-0756 [insecure dialback key generation/validation algorithm]
 	RESERVED
+	{DLA-407-1}
 	- prosody 0.9.10-1
 	NOTE: http://blog.prosody.im/prosody-0-9-10-released/
 	NOTE: https://prosody.im/security/advisory_20160127/
@@ -16295,7 +16302,7 @@
 	NOTE: For ICU note that the original fix causes additional problems:
 	NOTE: https://ssl.icu-project.org/trac/ticket/12020#comment:4
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1298906#c1
-        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1273318
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1273318
 	NOTE: see also CVE-2016-0494, introduced in through the fix for this CVE.
 	NOTE: patch: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/dbb4e2bdfa9e
 CVE-2015-4843 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and ...)
@@ -26266,7 +26273,7 @@
 	NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2c4832d30939b45c05757f0a05128ce64c4cacc7
 	NOTE: https://code.google.com/p/google-security-research/issues/detail?id=151
 CVE-2014-9674 (The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType ...)
-	{DLA-185-1}
+	{DSA-3461-1 DLA-185-1}
 	- freetype 2.5.2-3 (bug #777656)
 	NOTE: http://code.google.com/p/google-security-research/issues/detail?id=153
 	NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=240c94a185cd8dae7d03059abec8a5662c35ecd3




More information about the Secure-testing-commits mailing list