[Secure-testing-commits] r41862 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed May 18 18:17:59 UTC 2016
Author: carnil
Date: 2016-05-18 18:17:59 +0000 (Wed, 18 May 2016)
New Revision: 41862
Modified:
data/CVE/list
Log:
Update status for CVE-2016-4912, but left TODO item for double-check/review
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-05-18 18:08:19 UTC (rev 41861)
+++ data/CVE/list 2016-05-18 18:17:59 UTC (rev 41862)
@@ -2,8 +2,10 @@
- linux 4.5.4-1
NOTE: Fixed by: https://git.kernel.org/linus/99d825822eade8d827a1817357cbf3f889a552d6 (v4.6)
CVE-2016-4912
- - openslp-dfsg <unfixed>
- TODO: check if vulnerable, if yes mark as no-dsa, since minor issue
+ - openslp-dfsg <not-affected> (Vulnerable code not present)
+ NOTE: Issue seems present only in OpenSLP 2.x where the return from malloc
+ NOTE: isn't checked.
+ TODO: double-check
CVE-2016-4911 [Incorrect Audit IDs in Keystone Fernet Tokens can result in revocation bypass]
- keystone <unfixed> (bug #824683)
[jessie] - keystone <not-affected> (affects only 9.0.0)
More information about the Secure-testing-commits
mailing list