[Secure-testing-commits] r40117 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Mar 1 20:28:10 UTC 2016
Author: carnil
Date: 2016-03-01 20:28:10 +0000 (Tue, 01 Mar 2016)
New Revision: 40117
Modified:
data/CVE/list
Log:
Add issue for libryo-java
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-03-01 20:14:54 UTC (rev 40116)
+++ data/CVE/list 2016-03-01 20:28:10 UTC (rev 40117)
@@ -1,3 +1,9 @@
+CVE-2016-XXXX [Type registration should be required]
+ - libkryo-java <unfixed>
+ NOTE: https://github.com/EsotericSoftware/kryo/issues/398
+ NOTE: https://www.contrastsecurity.com/security-influencers/serialization-must-die-act-1-kryo
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/03/01/16
+ TODO: check
CVE-2016-8818
- qemu 1:2.4+dfsg-1a
[jessie] - qemu <no-dsa> (Minor issue; can be fixed along with a future DSA)
More information about the Secure-testing-commits
mailing list