[Secure-testing-commits] r42245 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Thu Jun 2 09:10:09 UTC 2016
Author: sectracker
Date: 2016-06-02 09:10:09 +0000 (Thu, 02 Jun 2016)
New Revision: 42245
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-06-02 08:19:18 UTC (rev 42244)
+++ data/CVE/list 2016-06-02 09:10:09 UTC (rev 42245)
@@ -337,7 +337,7 @@
NOTE: Fixed by: https://sourceforge.net/p/postfixadmin/code/1842
CVE-2016-5118 [popen() shell vulnerability via filename]
RESERVED
- {DSA-3591-1 DLA-500-1}
+ {DSA-3591-1 DLA-502-1 DLA-500-1}
- imagemagick 8:6.8.9.9-7.1 (bug #825799)
- graphicsmagick 1.3.24-1 (bug #825800)
NOTE: fixed by http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/ae3928faa858
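Review bot: The cross-reference line for CVE-2016-5118 now carries two DLA ids (`DLA-502-1` and `DLA-500-1`), but the entry lists two source packages, imagemagick and graphicsmagick, and nothing in the hunk says which advisory covers which package. Confirm that DLA-502-1 actually names this CVE. If the ids in the braces are meant to be ordered, note that the new one was inserted ahead of `DLA-500-1` rather than after it.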
@@ -7924,6 +7924,7 @@
CVE-2016-2386 (SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE ...)
NOT-FOR-US: SAP
CVE-2015-8857 [incorrect handling of non-boolean comparisons during minification]
+ RESERVED
- uglifyjs <unfixed> (unimportant)
NOTE: fixed in 2.4.24
NOTE: https://zyan.scripts.mit.edu/blog/backdooring-js/
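Review bot: With `RESERVED` added under CVE-2015-8857, the package line just below it still reads `- uglifyjs <unfixed> (unimportant)` while the next line says `NOTE: fixed in 2.4.24`. If the packaged uglifyjs is at or past 2.4.24, the package line should carry that version instead of `<unfixed>`. If it is not, the NOTE would be clearer as "fixed upstream in 2.4.24" so the two lines do not read as contradictory.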
@@ -19040,7 +19041,7 @@
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1288934
NOTE: Related to an incomplete RHEL backport of https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8ac2bde2a4a05c38e2bd733bea94507cb1461e06
CVE-2015-7552 (Heap-based buffer overflow in the gdk_pixbuf_flip function in ...)
- {DSA-3589-1 DLA-450-1}
+ {DSA-3589-1 DLA-501-1}
- gdk-pixbuf 2.32.0-1
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=958963
NOTE: This was fixed by one of the commits between 2.31.6 and 2.32.0.
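Review bot: In the cross-reference line for CVE-2015-7552, `DLA-450-1` is dropped in the same edit that adds `DLA-501-1`, and the log message ("automatic update") gives no reason for the removal. If DLA-450-1 still applies to this CVE, the braces should list both DLA ids alongside `DSA-3589-1`. If the earlier reference was wrong or was superseded, a NOTE line saying so would keep the change traceable.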