[Secure-testing-commits] r46358 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Nov 20 18:23:57 UTC 2016
Author: carnil
Date: 2016-11-20 18:23:57 +0000 (Sun, 20 Nov 2016)
New Revision: 46358
Modified:
data/CVE/list
Log:
Cleanup workaround entries for gst-plugins-bad{0.10,1.0}
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-20 17:29:26 UTC (rev 46357)
+++ data/CVE/list 2016-11-20 18:23:57 UTC (rev 46358)
@@ -158,19 +158,13 @@
NOTE: https://github.com/vadz/libtiff/commit/d2955714a4a0b8ca10941550cfbf64c7e111fbf1
CVE-2016-9446 [gstreamer 0.10 VMNC code execution #2]
- gst-plugins-bad0.10 <removed>
- [jessie] - gst-plugins-bad0.10 0.10.23-7.4+deb8u2
- gst-plugins-bad1.0 1.10.1-1
- [jessie] - gst-plugins-bad1.0 1.4.4-2.1+deb8u1
- NOTE: Workaround entry for DSA-3717-1 until CVE is assigned
NOTE: http://scarybeastsecurity.blogspot.de/2016/11/0day-poc-risky-design-decisions-in.html
NOTE: Upstream Bug: https://bugzilla.gnome.org/show_bug.cgi?id=774533
NOTE: Fixed by: https://cgit.freedesktop.org/gstreamer/gst-plugins-bad/commit/?id=4cb1bcf1422bbcd79c0f683edb7ee85e3f7a31fe
CVE-2016-9445 [gstreamer 0.10 VMNC code execution]
- gst-plugins-bad0.10 <removed>
- [jessie] - gst-plugins-bad0.10 0.10.23-7.4+deb8u2
- gst-plugins-bad1.0 1.10.1-1
- [jessie] - gst-plugins-bad1.0 1.4.4-2.1+deb8u1
- NOTE: Workaround entry for DSA-3717-1 until CVE is assigned
NOTE: http://scarybeastsecurity.blogspot.de/2016/11/0day-poc-risky-design-decisions-in.html
NOTE: Upstream Bug: https://bugzilla.gnome.org/show_bug.cgi?id=774533
NOTE: Fixed by: https://cgit.freedesktop.org/gstreamer/gst-plugins-bad/commit/?id=4cb1bcf1422bbcd79c0f683edb7ee85e3f7a31fe
@@ -555,8 +549,6 @@
RESERVED
CVE-2016-9447 [gstreamer 0.10 NSF code execution]
- gst-plugins-bad0.10 <removed>
- [jessie] - gst-plugins-bad0.10 0.10.23-7.4+deb8u1
- NOTE: Workaround entry for DSA-3713-1 until CVE is assigned
NOTE: http://scarybeastsecurity.blogspot.de/2016/11/0day-exploit-compromising-linux-desktop.html
CVE-2016-9299 [jenkins: unauthenticated remote code execution]
RESERVED
More information about the Secure-testing-commits
mailing list