[Secure-testing-commits] r40330 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Mar 11 20:33:05 UTC 2016
Author: carnil
Date: 2016-03-11 20:33:05 +0000 (Fri, 11 Mar 2016)
New Revision: 40330
Modified:
data/CVE/list
Log:
Mark busybox issues as no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-03-11 20:29:50 UTC (rev 40329)
+++ data/CVE/list 2016-03-11 20:33:05 UTC (rev 40330)
@@ -2771,10 +2771,14 @@
CVE-2016-2148 [heap overflow in OPTION_6RD parsing]
RESERVED
- busybox <unfixed>
+ [jessie] - busybox <no-dsa> (Minor issue)
+ [wheezy] - busybox <no-dsa> (Minor issue)
NOTE: https://git.busybox.net/busybox/commit/?id=352f79acbd759c14399e39baef21fc4ffe180ac2
CVE-2016-2147 [OOB heap write due to integer underflow]
RESERVED
- busybox <unfixed>
+ [jessie] - busybox <no-dsa> (Minor issue)
+ [wheezy] - busybox <no-dsa> (Minor issue)
NOTE: https://git.busybox.net/busybox/commit/?id=d474ffc68290e0a83651c4432eeabfa62cd51e87
CVE-2016-2146 [DOS attack (Apache worker process crash / resource exhaustion) due to missing size checks when reading POST data.]
RESERVED
More information about the Secure-testing-commits
mailing list