[Secure-testing-commits] r40414 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Wed Mar 16 09:10:22 UTC 2016 

Author: sectracker
Date: 2016-03-16 09:10:22 +0000 (Wed, 16 Mar 2016)
New Revision: 40414

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-03-16 07:41:22 UTC (rev 40413)
+++ data/CVE/list	2016-03-16 09:10:22 UTC (rev 40414)
@@ -635,10 +635,12 @@
 CVE-2016-2860
 	RESERVED
 CVE-2016-3154 [Objects injection via unserialize]
+	{DSA-3518-1}
 	- spip 3.0.22-1
 	NOTE: http://www.openwall.com/lists/oss-security/2016/03/15/2
 	NOTE: patch https://core.spip.net/projects/spip/repository/revisions/22903
 CVE-2016-3153 [PHP code injection]
+	{DSA-3518-1}
 	- spip 3.0.22-1
 	NOTE: http://www.openwall.com/lists/oss-security/2016/03/15/2
 	NOTE: patch https://core.spip.net/projects/spip/repository/revisions/22911
@@ -1610,18 +1612,21 @@
 	NOTE: https://bugs.exim.org/show_bug.cgi?id=1791
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1311503
 CVE-2016-3162 [File upload access bypass and denial of service]
+	{DSA-3498-1}
 	- drupal8 <itp> (bug #756305)
 	- drupal7 7.43-1
 	- drupal6 <not-affected> (Only affects Drupal 7.x and Drupal 8.x)
 	NOTE: https://www.drupal.org/SA-CORE-2016-001
 	NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
 CVE-2016-3163 [Brute force amplification attacks via XML-RPC]
+	{DSA-3498-1}
 	- drupal7 7.43-1
 	- drupal6 <removed>
 	[squeeze] - drupal6 <end-of-life>
 	NOTE: https://www.drupal.org/SA-CORE-2016-001
 	NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
 CVE-2016-3164 [Open redirect via path manipulation]
+	{DSA-3498-1}
 	- drupal8 <itp> (bug #756305)
 	- drupal7 7.43-1
 	- drupal6 <removed>
@@ -1647,18 +1652,21 @@
 	NOTE: https://www.drupal.org/SA-CORE-2016-001
 	NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
 CVE-2016-3168 [Reflected file download vulnerability]
+	{DSA-3498-1}
 	- drupal7 7.43-1
 	- drupal6 <removed>
 	[squeeze] - drupal6 <end-of-life>
 	NOTE: https://www.drupal.org/SA-CORE-2016-001
 	NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
 CVE-2016-3169 [Saving user accounts can sometimes grant the user all roles]
+	{DSA-3498-1}
 	- drupal7 7.43-1
 	- drupal6 <removed>
 	[squeeze] - drupal6 <end-of-life>
 	NOTE: https://www.drupal.org/SA-CORE-2016-001
 	NOTE: http://www.openwall.com/lists/oss-security/2016/02/24/19
 CVE-2016-3170 [Email address can be matched to an account]
+	{DSA-3498-1}
 	- drupal8 <itp> (bug #756305)
 	- drupal7 7.43-1
 	- drupal6 <not-affected> (Only affects Drupal 7.x and Drupal 8.x)

More information about the Secure-testing-commits mailing list