[Secure-testing-commits] r43230 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Fri Jul 15 21:10:12 UTC 2016
Author: sectracker
Date: 2016-07-15 21:10:12 +0000 (Fri, 15 Jul 2016)
New Revision: 43230
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-07-15 20:49:56 UTC (rev 43229)
+++ data/CVE/list 2016-07-15 21:10:12 UTC (rev 43230)
@@ -115,6 +115,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2016/07/13/2
CVE-2016-6214 [read out-of-bounds issue]
RESERVED
+ {DSA-3619-1}
- libgd2 2.2.2-29-g3c2b605-1
NOTE: https://github.com/libgd/libgd/issues/247#issuecomment-232084241
NOTE: https://github.com/libgd/libgd/commit/10ef1dca63d62433fda13309b4a228782db823f7
@@ -283,6 +284,7 @@
- linux <not-affected> (Vulnerable code introduced in 4.7-rc1)
CVE-2016-6161
RESERVED
+ {DSA-3619-1}
- libgd2 2.2.1-1
NOTE: https://github.com/libgd/libgd/issues/209
NOTE: https://github.com/libgd/libgd/commit/82b80dcb70a7ca8986125ff412bceddafc896842 (gd-2.2.0)
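Review bot: CVE-2016-6161, which gains {DSA-3619-1} in this hunk, has no bracketed short description, unlike the other libgd2 entries touched by this update (for example CVE-2016-6214 and CVE-2016-6132). While the id is still RESERVED, a one-line description taken from the linked libgd issue would make the entry readable without following the NOTE links.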
@@ -871,6 +873,7 @@
RESERVED
CVE-2016-6132 [read out-of-bands was found in the parsing of TGA files]
RESERVED
+ {DSA-3619-1}
- libgd2 2.2.2-29-g3c2b605-1 (bug #829694)
NOTE: https://github.com/libgd/libgd/issues/247
NOTE: https://github.com/libgd/libgd/commit/ead349e99868303b37f5e6e9d9d680c9dc71ff8d
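Review bot: the description on the CVE-2016-6132 context line reads "read out-of-bands"; this looks like a typo for "out-of-bounds", the wording used for CVE-2016-6214 earlier in the same file. Since the entry is being touched anyway, correct the description so that searches for "out-of-bounds" find it.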
@@ -901,6 +904,7 @@
NOTE: Fixed by: https://git.kernel.org/linus/532c34b5fbf1687df63b3fcd5b2846312ac943c6
CVE-2016-6128 [Invalid color index is not properly handled leading to denial of service]
RESERVED
+ {DSA-3619-1}
- libgd2 2.2.2-29-g3c2b605-1 (bug #829062)
[wheezy] - libgd2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/libgd/libgd/compare/3fe0a7128bac5000fdcfab888bd2a75ec0c9447d...fd623025505e87bba7ec8555eeb72dae4fb0afd
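Review bot: in the compare URL on the last NOTE line of the CVE-2016-6128 entry, the second commit id has 39 hex digits while the first has the full 40. Check whether a digit was dropped and, if so, restore it so the referenced fix range is unambiguous.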
@@ -1391,7 +1395,7 @@
NOTE: Fixed by: https://github.com/libgd/libgd/commit/cfee163a5e848fc3e3fb1d05a30d7557cdd36457 (GD_2_0_34RC1)
CVE-2016-5766 [Integer Overflow in _gd2GetHeader() resulting in heap overflow]
RESERVED
- {DLA-534-1}
+ {DSA-3619-1 DLA-534-1}
- php7.0 7.0.8-1 (unimportant)
- php5 5.6.23+dfsg-1 (unimportant)
[jessie] - php5 5.6.23+dfsg-0+deb8u1
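Review bot: on CVE-2016-5766, {DSA-3619-1} is attached elsewhere in this diff only to entries with a libgd2 package line, but the context visible here lists only php7.0 and php5, both marked unimportant for unstable. Confirm that the entry also carries a libgd2 line below the shown context, so the DSA reference resolves to a package with a fixed version.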
@@ -3412,6 +3416,7 @@
NOTE: patch available at http://www.openwall.com/lists/oss-security/2016/05/29/7
CVE-2016-5116 [xbm: avoid stack overflow (read) with large names]
RESERVED
+ {DSA-3619-1}
- libgd2 2.2.1-1
[wheezy] - libgd2 <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://github.com/libgd/libgd/commit/4dc1a2d7931017d3625f2d7cff70a17ce58b53b4 (gd-2.2.0)
@@ -5848,7 +5853,7 @@
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0126/
CVE-2016-4323 [MXIT Splash Image Arbitrary File Overwrite Vulnerability]
RESERVED
- {DLA-542-1}
+ {DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0128/
NOTE: http://www.pidgin.im/news/security/?id=97
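Review bot: the Talos report links around CVE-2016-4323 use two different hosts, www.talosintelligence.com on the preceding entry's NOTE line and www.talosintel.com on this entry's. Pick one host for all TALOS-2016-* references in the file so the links can be checked and updated in one pass.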
@@ -11410,7 +11415,7 @@
NOTE: http://perl5.git.perl.org/perl.git/commitdiff/ae37b791a73a9e78dedb89fb2429d2628cf58076
CVE-2016-2380 [MXIT mxit_convert_markup_tx Information Leak Vulnerability]
RESERVED
- {DLA-542-1}
+ {DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0123/
NOTE: http://www.pidgin.im/news/security/?id=96
@@ -11420,49 +11425,49 @@
NOTE: Mentioned at http://www.pidgin.im/news/security/?id=96 without further details
CVE-2016-2378 [MXIT get_utf8_string Code Execution Vulnerability]
RESERVED
- {DLA-542-1}
+ {DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0120/
NOTE: http://www.pidgin.im/news/security/?id=94
NOTE: https://bitbucket.org/pidgin/main/commits/06278419c703
CVE-2016-2377 [MXIT HTTP Content-Length Buffer Overflow Vulnerability]
RESERVED
- {DLA-542-1}
+ {DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0119/
NOTE: http://www.pidgin.im/news/security/?id=93
NOTE: https://bitbucket.org/pidgin/main/commits/0f94ef13ab37
CVE-2016-2376 [MXIT read stage 0x3 Code Execution Vulnerability]
RESERVED
- {DLA-542-1}
+ {DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0118/
NOTE: http://www.pidgin.im/news/security/?id=92
NOTE: https://bitbucket.org/pidgin/main/commits/19f89eda8587
CVE-2016-2375 [MXIT Suggested Contacts Memory Disclosure Vulnerability]
RESERVED
- {DLA-542-1}
+ {DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0143/
NOTE: http://www.pidgin.im/news/security/?id=108
NOTE: https://bitbucket.org/pidgin/main/commits/b786e9814536
CVE-2016-2374 [MXIT MultiMX Message Code Execution Vulnerability]
RESERVED
- {DLA-542-1}
+ {DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0142/
NOTE: http://www.pidgin.im/news/security/?id=107
NOTE: https://bitbucket.org/pidgin/main/commits/f6c08d962618
CVE-2016-2373 [MXIT Contact Mood Denial of Service Vulnerability]
RESERVED
- {DLA-542-1}
+ {DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0141/
NOTE: http://www.pidgin.im/news/security/?id=106
NOTE: https://bitbucket.org/pidgin/main/commits/e6159ad42c4c
CVE-2016-2372 [MXIT File Transfer Length Memory Disclosure Vulnerability]
RESERVED
- {DLA-542-1}
+ {DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0140/
NOTE: http://www.pidgin.im/news/security/?id=105
@@ -11471,14 +11476,14 @@
NOTE: https://bitbucket.org/pidgin/main/commits/648f667a679c
CVE-2016-2371 [MXIT Extended Profiles Code Execution Vulnerability]
RESERVED
- {DLA-542-1}
+ {DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0139/
NOTE: http://www.pidgin.im/news/security/?id=104
NOTE: https://bitbucket.org/pidgin/main/commits/f0287378203fbf496a9890bf273d96adefb93b74
CVE-2016-2370 [MXIT Custom Resource Denial of Service Vulnerability]
RESERVED
- {DLA-542-1}
+ {DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0138/
NOTE: http://www.pidgin.im/news/security/?id=103
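Review bot: the fix commit NOTE for CVE-2016-2371 gives the full 40-digit hash, while the neighbouring pidgin entries (for example the 648f667a679c reference at the top of this hunk) use 12-digit abbreviations. Use one form throughout, preferably the full hash, so that fix commits can be matched mechanically.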
@@ -11487,13 +11492,13 @@
NOTE: https://bitbucket.org/pidgin/main/commits/648f667a679c
CVE-2016-2369 [MXIT CP_SOCK_REC_TERM Denial of Service Vulnerability]
RESERVED
- {DLA-542-1}
+ {DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0137/
NOTE: http://www.pidgin.im/news/security/?id=102
CVE-2016-2368 [MXIT g_snprintf Multiple Buffer Overflow Vulnerabilities]
RESERVED
- {DLA-542-1}
+ {DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0136/
NOTE: http://www.pidgin.im/news/security/?id=101
@@ -11501,7 +11506,7 @@
NOTE: https://bitbucket.org/pidgin/main/commits/f6efc254e947
CVE-2016-2367 [MXIT Avatar Length Memory Disclosure Vulnerability]
RESERVED
- {DLA-542-1}
+ {DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0135/
NOTE: http://www.pidgin.im/news/security/?id=100
@@ -11510,14 +11515,14 @@
NOTE: https://bitbucket.org/pidgin/main/commits/648f667a679c
CVE-2016-2366 [MXIT Table Command Denial of Service Vulnerability]
RESERVED
- {DLA-542-1}
+ {DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0134/
NOTE: http://www.pidgin.im/news/security/?id=99
NOTE: https://bitbucket.org/pidgin/main/commits/abdc3025f6b8
CVE-2016-2365 [MXIT Markup Command Denial of Service Vulnerability]
RESERVED
- {DLA-542-1}
+ {DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0133/
NOTE: http://www.pidgin.im/news/security/?id=98