[Secure-testing-commits] r46160 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Nov 13 14:54:15 UTC 2016 

Author: carnil
Date: 2016-11-13 14:54:15 +0000 (Sun, 13 Nov 2016)
New Revision: 46160

Modified:
   data/CVE/list
Log:
Cleanup three older temporary entry

The issues never got a CVE assigned, disputable security impact and
fixed in the src:tidy-html5 package anyway before the initial upload of
tidy-html5 5.2.0 in unstable.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-11-13 13:59:09 UTC (rev 46159)
+++ data/CVE/list	2016-11-13 14:54:15 UTC (rev 46160)
@@ -20380,10 +20380,6 @@
 	NOTE: Fixed in 5.5.33, 5.6.19
 	NOTE: http://www.openwall.com/lists/oss-security/2016/03/10/5
 	NOTE: http://www.openwall.com/lists/oss-security/2016/03/13/1
-CVE-2016-XXXX [infinite loop parsing an html file]
-	- tidy-html5 <undetermined>
-	NOTE: https://github.com/htacg/tidy-html5/issues/380
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/03/04/2
 CVE-2016-2858 (QEMU, when built with the Pseudo Random Number Generator (PRNG) ...)
 	- qemu 1:2.6+dfsg-1 (bug #817183)
 	[jessie] - qemu <no-dsa> (Minor issue)
@@ -21224,10 +21220,6 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2016/04/16/1
 	NOTE: fixed in 3.0.7 upstream, mark as fixed with first 4.x version in unstable
 	NOTE: 4.x not affected
-CVE-2016-XXXX [read out-of-bounds in TextEndsWithNewline]
-	- tidy-html5 <undetermined>
-	NOTE: https://github.com/htacg/tidy-html5/issues/379
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/02/28/8
 CVE-2016-XXXX [unsafe use of /tmp]
 	- wine <unfixed> (unimportant; bug #816034)
 	- wine-development <unfixed> (unimportant; bug #816034)
@@ -26381,11 +26373,6 @@
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg00050.html
 	NOTE: Introduced by (at least after): http://git.qemu.org/?p=qemu.git;a=commit;h=69b910399a3c40620a5213adaeb14a37366d97ac
 	NOTE: http://www.openwall.com/lists/oss-security/2016/01/04/1
-CVE-2016-XXXX [use-after-free]
-	- tidy-html5 <undetermined>
-	NOTE: https://github.com/htacg/tidy-html5/issues/341
-	NOTE: https://github.com/htacg/tidy-html5/pull/368
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/01/03/4
 CVE-2014-9764 (imlib2 before 1.4.7 allows remote attackers to cause a denial of ...)
 	{DSA-3537-1 DLA-401-1}
 	- imlib2 1.4.7-1

More information about the Secure-testing-commits mailing list