[Secure-testing-commits] r40150 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Mar 3 20:28:45 UTC 2016
Author: jmm
Date: 2016-03-03 20:28:45 +0000 (Thu, 03 Mar 2016)
New Revision: 40150
Modified:
data/CVE/list
Log:
glibc no-dsa
remove one libav no-dsa entry, will be fixed along with next update
pitivi no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-03-03 20:27:16 UTC (rev 40149)
+++ data/CVE/list 2016-03-03 20:28:45 UTC (rev 40150)
@@ -5003,6 +5003,8 @@
RESERVED
{DLA-411-1}
- glibc <unfixed> (bug #813187)
+ [jessie] - glibc <no-dsa> (Minor issue)
+ [wheezy] - glibc <no-dsa> (Minor issue)
- eglibc <removed>
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=16962
NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e02cabecf0d025ec4f4ddee290bdf7aadb873bb3
@@ -11898,6 +11900,7 @@
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=758032
NOTE: https://git.gnome.org/browse/gdm/commit/?id=5ac2246
NOTE: https://git.gnome.org/browse/gdm/commit/?id=05e5fc2
+ TODO: Check whether applies to wheezy/jessie
CVE-2015-7495
RESERVED
CVE-2015-7494
@@ -17146,9 +17149,9 @@
- ffmpeg <not-affected> (Vulnerable code not present)
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed> (low)
- [jessie] - libav <no-dsa> (Minor issue, can be fixed along in a future DSA)
[wheezy] - libav <no-dsa> (Minor issue, can be fixed along in a future DSA)
NOTE: Patch in libav: https://git.libav.org/?p=libav.git;a=commit;h=0a49a62f998747cfa564d98d36a459fe70d3299b
+ NOTE: Fixed in libav 11.5
CVE-2015-5478
RESERVED
CVE-2015-5477 (named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 ...)
@@ -31798,6 +31801,7 @@
CVE-2015-0855 [Insecure use of os.system()]
RESERVED
- pitivi 0.95-1
+ [jessie] - pitivi <no-dsa> (Minor issue)
[squeeze] - pitivi <not-affected> (Vulnerable code not present (no os.system()))
[wheezy] - pitivi <not-affected> (Vulnerable code not present (no os.system()))
NOTE: https://git.gnome.org/browse/pitivi/commit/?id=45a4c84edb3b4343f199bba1c65502e3f49f5bb2 (RELEASE-0_95_0)
More information about the Secure-testing-commits
mailing list