[Secure-testing-commits] r41764 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Mon May 16 09:10:12 UTC 2016
Author: sectracker
Date: 2016-05-16 09:10:12 +0000 (Mon, 16 May 2016)
New Revision: 41764
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-05-16 08:46:37 UTC (rev 41763)
+++ data/CVE/list 2016-05-16 09:10:12 UTC (rev 41764)
@@ -6829,10 +6829,12 @@
NOTE: https://github.com/facebook/hhvm/commit/eae73029336e4d577707cb8a0527f22cb8a4588a
CVE-2016-4348
RESERVED
+ {DLA-477-1}
- librsvg 2.40.12-1
NOTE: https://git.gnome.org/browse/librsvg/commit/?id=d1c9191949747f6dcfd207831d15dd4ba00e31f2 (2.40.12)
CVE-2016-4347
RESERVED
+ {DLA-477-1}
- librsvg 2.40.12-1
[jessie] - librsvg <no-dsa> (Too intrusive to backport)
NOTE: https://git.gnome.org/browse/librsvg/commit/?id=a51919f7e1ca9c535390a746fbf6e28c8402dc61 (2.40.12)
@@ -7660,7 +7662,7 @@
- foreman <itp> (bug #663101)
CVE-2016-2099 [use-after-free]
RESERVED
- {DLA-467-1}
+ {DSA-3579-1 DLA-467-1}
- xerces-c 3.1.3+debian-2 (bug #823863)
NOTE: https://issues.apache.org/jira/browse/XERCESC-2066
CVE-2016-2098 (Action Pack in Ruby on Rails before 3.2.22.2, 4.x before 4.1.14.2, and ...)
@@ -17540,6 +17542,7 @@
RESERVED
CVE-2015-7558 [Stack exhaustion]
RESERVED
+ {DLA-477-1}
- librsvg 2.40.12-1
[jessie] - librsvg <no-dsa> (Too intrusive to backport)
[wheezy] - librsvg <no-dsa> (Too intrusive to backport)
@@ -35272,7 +35275,7 @@
NOTE: https://github.com/jabberd2/jabberd2/issues/85
NOTE: http://www.openwall.com/lists/oss-security/2015/02/09/13
CVE-2015-2059 (The stringprep_utf8_to_ucs4 function in libin before 1.31, as used in ...)
- {DSA-3578-1 DLA-277-1}
+ {DSA-3578-1 DLA-476-1 DLA-277-1}
- libidn 1.31-1 (medium)
NOTE: http://www.openwall.com/lists/oss-security/2015/02/23/25
NOTE: Patch: http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=2e97c2796581c27213962c77f5a8571a598f9a2e
More information about the Secure-testing-commits
mailing list