[Secure-testing-commits] r40329 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Mar 11 20:29:50 UTC 2016
Author: carnil
Date: 2016-03-11 20:29:50 +0000 (Fri, 11 Mar 2016)
New Revision: 40329
Modified:
data/CVE/list
Log:
Add two busybox CVEs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-03-11 18:41:22 UTC (rev 40328)
+++ data/CVE/list 2016-03-11 20:29:50 UTC (rev 40329)
@@ -2768,10 +2768,14 @@
RESERVED
CVE-2016-2149
RESERVED
-CVE-2016-2148
+CVE-2016-2148 [heap overflow in OPTION_6RD parsing]
RESERVED
-CVE-2016-2147
+ - busybox <unfixed>
+ NOTE: https://git.busybox.net/busybox/commit/?id=352f79acbd759c14399e39baef21fc4ffe180ac2
+CVE-2016-2147 [OOB heap write due to integer underflow]
RESERVED
+ - busybox <unfixed>
+ NOTE: https://git.busybox.net/busybox/commit/?id=d474ffc68290e0a83651c4432eeabfa62cd51e87
CVE-2016-2146 [DOS attack (Apache worker process crash / resource exhaustion) due to missing size checks when reading POST data.]
RESERVED
- libapache2-mod-auth-mellon 0.12.0-1
More information about the Secure-testing-commits
mailing list