[Secure-testing-commits] r42317 - data/CVE

Sun Jun 5 05:32:56 UTC 2016

Author: carnil
Date: 2016-06-05 05:32:56 +0000 (Sun, 05 Jun 2016)
New Revision: 42317

Modified:
   data/CVE/list
Log:
Add two expat CVEs

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2016-06-05 04:40:58 UTC (rev 42316)
+++ data/CVE/list	2016-06-05 05:32:56 UTC (rev 42317)
@@ -14,6 +14,8 @@
 	RESERVED
 CVE-2014-9855
 	RESERVED
+CVE-2016-5300 [use of too little entropy]
+	- expat 2.1.1-3
 CVE-2016-5244 [rds: fix an infoleak in rds_inc_info_copy]
 	- linux <unfixed>
 	NOTE: https://patchwork.ozlabs.org/patch/629110/
@@ -16556,6 +16558,8 @@
 	NOTE: http://sourceforge.net/p/gdcm/gdcm/ci/92cd6d7fe0d01c61cf68ac4ef65ef388ee252415/
 	NOTE: http://sourceforge.net/p/gdcm/gdcm/ci/9cbca25ff7f20c432b61eb9f4cae43a946502b66/
 	NOTE: http://sourceforge.net/p/gdcm/gdcm/ci/e0dd1114c82d372dd905c029ddbee4e81ed01a89/
+CVE-2012-6702 [unanticipated internal calls to srand]
+	- expat 2.1.1-3
 CVE-2012-6701 (Integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allows ...)
 	- linux <not-affected> (Fixed in v3.2.19; which was before src:linux rename)
 	- linux-2.6 3.2.19-1


