[Secure-testing-commits] r41738 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Sat May 14 21:10:10 UTC 2016 

Author: sectracker
Date: 2016-05-14 21:10:10 +0000 (Sat, 14 May 2016)
New Revision: 41738

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-05-14 20:59:29 UTC (rev 41737)
+++ data/CVE/list	2016-05-14 21:10:10 UTC (rev 41738)
@@ -1033,9 +1033,11 @@
 	[jessie] - libxml2 <no-dsa> (Minor issue, only when using libxml2 using recovery mode)
 	[wheezy] - libxml2 <no-dsa> (Minor issue, only when using libxml2 using recovery mode)
 CVE-2016-4477 (wpa_supplicant 0.4.0 through 2.5 does not reject \n and \r characters ...)
+	{DLA-473-1}
 	- wpa <unfixed> (bug #823411)
 	NOTE: http://w1.fi/security/2016-1/
 CVE-2016-4476 (hostapd 0.6.7 through 2.5 and wpa_supplicant 0.6.7 through 2.5 do not ...)
+	{DLA-473-1}
 	- wpa <unfixed> (bug #823411)
 	NOTE: http://w1.fi/security/2016-1/
 CVE-2016-4413
@@ -1171,7 +1173,7 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2016/05/02/2
 CVE-2016-4425 [stack exhaustion parsing a JSON file]
 	RESERVED
-	{DLA-471-1}
+	{DSA-3577-1 DLA-471-1}
 	- jansson 2.7-5 (bug #823238)
 	NOTE: https://github.com/akheron/jansson/issues/282
 	NOTE: https://github.com/akheron/jansson/pull/284
@@ -5227,7 +5229,7 @@
 	- firefox 46.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-47/
 CVE-2016-2807 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
-	{DSA-3576-1 DSA-3559-1}
+	{DSA-3576-1 DSA-3559-1 DLA-472-1}
 	- iceweasel <removed>
 	- firefox-esr 45.1.0esr-1
 	- firefox 46.0-1
@@ -5239,7 +5241,7 @@
 	- firefox 46.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/
 CVE-2016-2805 (Unspecified vulnerability in the browser engine in Mozilla Firefox ESR ...)
-	{DSA-3576-1 DSA-3559-1}
+	{DSA-3576-1 DSA-3559-1 DLA-472-1}
 	- iceweasel <removed>
 	- firefox-esr <not-affected> (Only affects Firefox ESR 38.x)
 	- firefox <not-affected> (Only affects Firefox ESR 38.x)
@@ -8217,7 +8219,7 @@
 CVE-2016-1980
 	RESERVED
 CVE-2016-1979 (Use-after-free vulnerability in the ...)
-	{DSA-3576-1}
+	{DSA-3576-1 DLA-472-1}
 	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
@@ -35241,7 +35243,7 @@
 	NOTE: https://github.com/jabberd2/jabberd2/issues/85
 	NOTE: http://www.openwall.com/lists/oss-security/2015/02/09/13
 CVE-2015-2059 (The stringprep_utf8_to_ucs4 function in libin before 1.31, as used in ...)
-	{DLA-277-1}
+	{DSA-3578-1 DLA-277-1}
 	- libidn 1.31-1 (medium)
 	NOTE: http://www.openwall.com/lists/oss-security/2015/02/23/25
 	NOTE: Patch: http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=2e97c2796581c27213962c77f5a8571a598f9a2e

More information about the Secure-testing-commits mailing list