[Secure-testing-commits] r40661 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Wed Mar 30 12:05:02 UTC 2016
Author: jmm
Date: 2016-03-30 12:05:02 +0000 (Wed, 30 Mar 2016)
New Revision: 40661
Modified:
data/CVE/list
Log:
add reference for kamailio advisory
util-linux no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-03-30 11:35:40 UTC (rev 40660)
+++ data/CVE/list 2016-03-30 12:05:02 UTC (rev 40661)
@@ -2673,6 +2673,8 @@
CVE-2016-2779 [runuser tty hijacking via TIOCSTI ioctl]
RESERVED
- util-linux <unfixed> (bug #815922)
+ [jessie] - util-linux <no-dsa> (Minor issue)
+ NOTE: Restricting ioctl on the kernel side seems the better approach
[wheezy] - util-linux <not-affected> (runuser[.c] not yet present)
[squeeze] - util-linux <not-affected> (runuser[.c] not yet present)
NOTE: http://www.openwall.com/lists/oss-security/2016/02/27/1
@@ -3555,6 +3557,7 @@
{DSA-3535-1}
- kamailio 4.3.4-2 (bug #815178)
NOTE: https://github.com/kamailio/kamailio/commit/f50c9c853e7809810099c970780c30b0765b0643
+ NOTE: https://census-labs.com/news/2016/03/30/kamailio-seas-heap-overflow/
CVE-2016-2384 [Double-free in snd-usbmidi-lib triggered by invalid USB descriptor]
RESERVED
{DSA-3503-1 DLA-439-1}
More information about the Secure-testing-commits
mailing list