[Secure-testing-commits] r42575 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Thu Jun 16 17:42:46 UTC 2016 

Author: jmm
Date: 2016-06-16 17:42:46 +0000 (Thu, 16 Jun 2016)
New Revision: 42575

Modified:
   data/CVE/list
Log:
neutron no-dsa
freeradius, attic fixed
automake unimportant


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-06-16 17:37:51 UTC (rev 42574)
+++ data/CVE/list	2016-06-16 17:42:46 UTC (rev 42575)
@@ -156,13 +156,13 @@
 CVE-2016-5363
 	RESERVED
 	- neutron <unfixed>
+	[jessie] - neutron <no-dsa> (Minor issue)
 	NOTE: https://bugs.launchpad.net/bugs/1558658
-	TODO: check
 CVE-2016-5362
 	RESERVED
 	- neutron <unfixed>
+	[jessie] - neutron <no-dsa> (Minor issue)
 	NOTE: https://bugs.launchpad.net/bugs/1558658
-	TODO: check
 CVE-2016-5349
 	RESERVED
 CVE-2016-5348
@@ -375,9 +375,9 @@
 	TODO: check
 CVE-2015-8914
 	RESERVED
-	- neutron <unfixed>
+	- neutron <unfixed> 
+	[jessie] - neutron <no-dsa> (Minor issue)
 	NOTE: https://bugs.launchpad.net/bugs/1502933
-	TODO: check
 CVE-2015-8913
 	RESERVED
 CVE-2015-8912
@@ -27973,7 +27973,7 @@
 	- libwmf 0.2.8.4-10.4 (bug #784205)
 CVE-2015-4680 [insufficent CRL application]
 	RESERVED
-	- freeradius <unfixed> (bug #789623)
+	- freeradius 2.2.8+dfsg-0.1 (bug #789623)
 	[jessie] - freeradius <no-dsa> (Minor issue)
 	[wheezy] - freeradius <no-dsa> (Minor issue)
 	[squeeze] - freeradius <no-dsa> (Minor issue)
@@ -29615,7 +29615,7 @@
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/26/10
 CVE-2015-4082 [encrypted backups attack]
 	RESERVED
-	- attic <unfixed> (bug #787435)
+	- attic 0.16-1 (bug #787435)
 	[jessie] - attic <no-dsa> (Minor issue)
 	NOTE: https://github.com/jborg/attic/issues/271
 	NOTE: https://github.com/jborg/attic/commit/78f9ad1faba7193ca7f0acccbc13b1ff6ebf9072
@@ -51229,11 +51229,11 @@
 	NOTE: http://github.com/mantisbt/mantisbt/commit/215968fa8 (1.2.x branch)
 	NOTE: http://github.com/mantisbt/mantisbt/commit/fc02c46ee (master branch)
 CVE-2014-XXXX [install-sh: insecure use of /tmp]
-	- automake1.11 <unfixed> (low; bug #827346)
-	- automake-1.14 <removed> (low; bug #827347)
-	[jessie] - automake-1.14 <no-dsa> (Minor issue)
-	- automake-1.15 1:1.15-3 (low; bug #760455)
+	- automake1.11 <unfixed> (unimportant; bug #827346)
+	- automake-1.14 <removed> (unimportant; bug #827347)
+	- automake-1.15 1:1.15-3 (unimportant; bug #760455)
 	NOTE: http://seclists.org/oss-sec/2014/q3/588
+	NOTE: Neutralised by kernel hardening
 CVE-2014-6252 (Buffer overflow in disp+work.exe 7000.52.12.34966 and ...)
 	NOT-FOR-US: SAP NetWeaver
 CVE-2014-6311 [/tmp file vulnerability in generate_doxygen.pl]

More information about the Secure-testing-commits mailing list