[Secure-testing-commits] r46291 - in data: CVE DSA
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Nov 17 20:01:46 UTC 2016
Author: jmm
Date: 2016-11-17 20:01:46 +0000 (Thu, 17 Nov 2016)
New Revision: 46291
Modified:
data/CVE/list
data/DSA/list
Log:
gstreamer DSA
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-17 16:27:24 UTC (rev 46290)
+++ data/CVE/list 2016-11-17 20:01:46 UTC (rev 46291)
@@ -1,3 +1,10 @@
+CVE-2016-XXXX [gstreamer 0.10 VMNC code execution]
+ - gst-plugins-bad0.10 <removed>
+ - gst-plugins-bad1.0 1.10.1-1
+ [jessie] - gst-plugins-bad0.10 0.10.23-7.4+deb8u2
+ [jessie] - gst-plugins-bad1.0 1.4.4-2.1+deb8u1
+ NOTE: Workaround entry for DSA-3717-1 until CVE is assigned
+ NOTE: http://scarybeastsecurity.blogspot.de/2016/11/0day-poc-risky-design-decisions-in.html
CVE-2016-XXXX [Denial of service via transliterate mechanism]
- drupal8 <itp> (bug #756305)
- drupal7 <not-affected> (Only affects Drupal 8)
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2016-11-17 16:27:24 UTC (rev 46290)
+++ data/DSA/list 2016-11-17 20:01:46 UTC (rev 46291)
@@ -1,3 +1,6 @@
+[17 Nov 2016] DSA-3717-1 gst-plugins-bad1.0 - security update
+ [jessie] - gst-plugins-bad0.10 0.10.23-7.4+deb8u2
+ [jessie] - gst-plugins-bad1.0 1.4.4-2.1+deb8u1
[16 Nov 2016] DSA-3716-1 firefox-esr - security update
{CVE-2016-5290 CVE-2016-5291 CVE-2016-5296 CVE-2016-5297 CVE-2016-9064 CVE-2016-9066 CVE-2016-9074}
[jessie] - firefox-esr 45.5.0esr-1~deb8u1
More information about the Secure-testing-commits
mailing list