[Secure-testing-commits] r43550 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Thu Jul 28 09:10:11 UTC 2016
Author: sectracker
Date: 2016-07-28 09:10:10 +0000 (Thu, 28 Jul 2016)
New Revision: 43550
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-07-28 07:33:27 UTC (rev 43549)
+++ data/CVE/list 2016-07-28 09:10:10 UTC (rev 43550)
@@ -1,3 +1,9 @@
+CVE-2016-6483
+ RESERVED
+CVE-2016-6482
+ RESERVED
+CVE-2016-6481
+ RESERVED
CVE-2016-XXXX [World readable .rediscli_history]
- redis 2:3.2.1-3 (bug #832460)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/07/28/1
@@ -500,6 +506,7 @@
NOTE: http://xenbits.xen.org/xsa/advisory-183.html
CVE-2016-6258 [x86: Privilege escalation in PV guests]
RESERVED
+ {DSA-3633-1}
- xen <unfixed>
NOTE: http://xenbits.xen.org/xsa/advisory-182.html
CVE-2016-6257
@@ -2122,6 +2129,7 @@
CVE-2015-8937
RESERVED
CVE-2014-9906 [use-after-free in mysql_dr_error]
+ RESERVED
- libdbd-mysql-perl 4.033-1
NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=97625
NOTE: https://github.com/perl5-dbi/DBD-mysql/pull/27
@@ -3886,6 +3894,7 @@
- linux 4.6.2-1
NOTE: https://patchwork.ozlabs.org/patch/629100/
CVE-2016-5242 (The p2m_teardown function in arch/arm/p2m.c in Xen 4.4.x through 4.6.x ...)
+ {DSA-3633-1}
- xen <unfixed>
NOTE: http://xenbits.xen.org/xsa/advisory-181.html
CVE-2016-5241
@@ -5045,6 +5054,7 @@
[jessie] - xen <no-dsa> (Minor issue, too intrusive to backport)
NOTE: http://xenbits.xen.org/xsa/advisory-178.html
CVE-2016-4962 (The libxl device-handling in Xen 4.6.x and earlier allows local OS ...)
+ {DSA-3633-1}
- xen <unfixed>
NOTE: http://xenbits.xen.org/xsa/advisory-175.html
CVE-2016-4961
@@ -6502,6 +6512,7 @@
CVE-2016-4481
RESERVED
CVE-2016-4480 (The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen ...)
+ {DSA-3633-1}
- xen <unfixed>
NOTE: http://xenbits.xen.org/xsa/advisory-176.html
CVE-2016-4479
@@ -21221,6 +21232,7 @@
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-159.html
CVE-2015-8338 (Xen 4.6.x and earlier does not properly enforce limits on page order ...)
+ {DSA-3633-1}
- xen <unfixed> (bug #823620)
[wheezy] - xen <not-affected> (Only affects Xen on arm)
[squeeze] - xen <not-affected> (Only affects Xen on arm)
@@ -43910,11 +43922,11 @@
- smokeping 2.6.11-2
[squeeze] - smokeping <not-affected> (Vulnerable code not present)
CVE-2015-0858 (Cool Projects TarDiff allows local users to write to arbitrary files ...)
- {DSA-3562-1}
+ {DSA-3562-1 DLA-564-1}
- tardiff 0.1-3
NOTE: https://anonscm.debian.org/cgit/collab-maint/tardiff.git/commit/?id=9bd6a07bc204472ac27242cea16f89943b43003a
CVE-2015-0857 (Cool Projects TarDiff allows remote attackers to execute arbitrary ...)
- {DSA-3562-1}
+ {DSA-3562-1 DLA-564-1}
- tardiff 0.1-5
NOTE: https://anonscm.debian.org/cgit/collab-maint/tardiff.git/commit/?id=9bd6a07bc204472ac27242cea16f89943b43003a
NOTE: Assignment is done for injection through file names and tar file name itself
More information about the Secure-testing-commits
mailing list