[Secure-testing-commits] r41764 - data/CVE

Mon May 16 09:10:12 UTC 2016

Author: sectracker
Date: 2016-05-16 09:10:12 +0000 (Mon, 16 May 2016)
New Revision: 41764

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2016-05-16 08:46:37 UTC (rev 41763)
+++ data/CVE/list	2016-05-16 09:10:12 UTC (rev 41764)
@@ -6829,10 +6829,12 @@
 	NOTE: https://github.com/facebook/hhvm/commit/eae73029336e4d577707cb8a0527f22cb8a4588a
 CVE-2016-4348
 	RESERVED
+	{DLA-477-1}
 	- librsvg 2.40.12-1
 	NOTE: https://git.gnome.org/browse/librsvg/commit/?id=d1c9191949747f6dcfd207831d15dd4ba00e31f2 (2.40.12)
 CVE-2016-4347
 	RESERVED
+	{DLA-477-1}
 	- librsvg 2.40.12-1
 	[jessie] - librsvg <no-dsa> (Too intrusive to backport)
 	NOTE: https://git.gnome.org/browse/librsvg/commit/?id=a51919f7e1ca9c535390a746fbf6e28c8402dc61 (2.40.12)
@@ -7660,7 +7662,7 @@
 	- foreman <itp> (bug #663101)
 CVE-2016-2099 [use-after-free]
 	RESERVED
-	{DLA-467-1}
+	{DSA-3579-1 DLA-467-1}
 	- xerces-c 3.1.3+debian-2 (bug #823863)
 	NOTE: https://issues.apache.org/jira/browse/XERCESC-2066
 CVE-2016-2098 (Action Pack in Ruby on Rails before 3.2.22.2, 4.x before 4.1.14.2, and ...)
@@ -17540,6 +17542,7 @@
 	RESERVED
 CVE-2015-7558 [Stack exhaustion]
 	RESERVED
+	{DLA-477-1}
 	- librsvg 2.40.12-1
 	[jessie] - librsvg <no-dsa> (Too intrusive to backport)
 	[wheezy] - librsvg <no-dsa> (Too intrusive to backport)
@@ -35272,7 +35275,7 @@
 	NOTE: https://github.com/jabberd2/jabberd2/issues/85
 	NOTE: http://www.openwall.com/lists/oss-security/2015/02/09/13
 CVE-2015-2059 (The stringprep_utf8_to_ucs4 function in libin before 1.31, as used in ...)
-	{DSA-3578-1 DLA-277-1}
+	{DSA-3578-1 DLA-476-1 DLA-277-1}
 	- libidn 1.31-1 (medium)
 	NOTE: http://www.openwall.com/lists/oss-security/2015/02/23/25
 	NOTE: Patch: http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=2e97c2796581c27213962c77f5a8571a598f9a2e


