[Secure-testing-commits] r42377 - in data: . CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Jun 7 11:47:23 UTC 2016 

Author: carnil
Date: 2016-06-07 11:47:22 +0000 (Tue, 07 Jun 2016)
New Revision: 42377

Modified:
   data/CVE/list
   data/next-point-update.txt
Log:
Fix policykit-1 entries, were not included in jessie point release

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-06-07 11:43:45 UTC (rev 42376)
+++ data/CVE/list	2016-06-07 11:47:22 UTC (rev 42377)
@@ -28684,7 +28684,7 @@
 CVE-2015-4625 (Integer overflow in the authentication_agent_new_cookie function in ...)
 	[experimental] - policykit-1 0.113-1
 	- policykit-1 0.105-12 (low; bug #796134)
-	[jessie] - policykit-1 0.105-15~deb8u1
+	[jessie] - policykit-1 <no-dsa> (Minor issue)
 	[wheezy] - policykit-1 <no-dsa> (Minor issue)
 	[squeeze] - policykit-1 <no-dsa> (Minor issue)
 	NOTE: http://lists.freedesktop.org/archives/polkit-devel/2015-May/000419.html
@@ -31441,7 +31441,7 @@
 CVE-2015-3255 (The polkit_backend_action_pool_init function in ...)
 	[experimental] - policykit-1 0.113-1
 	- policykit-1 0.105-12 (bug #796134)
-	[jessie] - policykit-1 0.105-15~deb8u1
+	[jessie] - policykit-1 <no-dsa> (Minor issue)
 	[wheezy] - policykit-1 <no-dsa> (Minor issue)
 	[squeeze] - policykit-1 <no-dsa> (Minor issue)
 	NOTE: http://cgit.freedesktop.org/polkit/commit/?id=9f5e0c731784003bd4d6fc75ab739ff8b2ea269f
@@ -31628,7 +31628,7 @@
 CVE-2015-3218 (The authentication_agent_new function in ...)
 	[experimental] - policykit-1 0.113-1
 	- policykit-1 0.105-11 (bug #787932)
-	[jessie] - policykit-1 0.105-15~deb8u1
+	[jessie] - policykit-1 <no-dsa> (Minor issue)
 	[wheezy] - policykit-1 <no-dsa> (Minor issue)
 	[squeeze] - policykit-1 <not-affected> (Vulnerable code introduced later)
 	NOTE: http://lists.freedesktop.org/archives/polkit-devel/2015-May/000420.html

Modified: data/next-point-update.txt
===================================================================
--- data/next-point-update.txt	2016-06-07 11:43:45 UTC (rev 42376)
+++ data/next-point-update.txt	2016-06-07 11:47:22 UTC (rev 42377)
@@ -10,3 +10,9 @@
 	[jessie] - ruby2.1 2.1.5-2+deb8u3
 CVE-2015-7551
 	[jessie] - ruby2.1 2.1.5-2+deb8u3
+CVE-2015-3255
+	[jessie] - policykit-1 0.105-15~deb8u1
+CVE-2015-4625
+	[jessie] - policykit-1 0.105-15~deb8u1
+CVE-2015-3218
+	[jessie] - policykit-1 0.105-15~deb8u1

More information about the Secure-testing-commits mailing list