[Secure-testing-commits] r46517 - in data: . CVE

Ola Lundqvist opal at moszumanska.debian.org
Thu Nov 24 21:12:34 UTC 2016 

Author: opal
Date: 2016-11-24 21:12:34 +0000 (Thu, 24 Nov 2016)
New Revision: 46517

Modified:
   data/CVE/list
   data/dla-needed.txt
Log:
Triaging.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-11-24 21:10:11 UTC (rev 46516)
+++ data/CVE/list	2016-11-24 21:12:34 UTC (rev 46517)
@@ -31,6 +31,7 @@
 CVE-2016-9633
 	- w3m 0.5.3-33
 	[jessie] - w3m <no-dsa> (Minor issue)
+	[wheezy] - w3m <no-dsa> (Minor issue)
 	NOTE: https://github.com/tats/w3m/issues/23
 CVE-2016-9632
 	- w3m 0.5.3-33
@@ -68,14 +69,17 @@
 CVE-2016-9624
 	- w3m 0.5.3-33
 	[jessie] - w3m <no-dsa> (Minor issue)
+	[wheezy] - w3m <no-dsa> (Minor issue)
 	NOTE: https://github.com/tats/w3m/issues/35
 CVE-2016-9623
 	- w3m 0.5.3-33
 	[jessie] - w3m <no-dsa> (Minor issue)
+	[wheezy] - w3m <no-dsa> (Minor issue)
 	NOTE: https://github.com/tats/w3m/issues/33
 CVE-2016-9622
 	- w3m 0.5.3-33
 	[jessie] - w3m <no-dsa> (Minor issue)
+	[wheezy] - w3m <no-dsa> (Minor issue)
 	NOTE: https://github.com/tats/w3m/issues/32
 CVE-2016-9621
 	- w3m 0.5.3-33
@@ -889,9 +893,11 @@
 	NOTE: https://github.com/vadz/libtiff/commit/5ad9d8016fbb60109302d558f7edb2cb2a3bb8e3
 CVE-2016-9539 [Out-of-bounds read in readContigTilesIntoBuffer()]
 	- tiff 4.0.7-1
+	[wheezy] - tiff <no-dsa> (Minor issue)
 	NOTE: https://github.com/vadz/libtiff/commit/ae9365db1b271b62b35ce018eac8799b1d5e8a53
 CVE-2016-9538 [Integer overflow leads to reading undefined buffer in readContigStripsIntoBuffer()]
 	- tiff 4.0.7-1
+	[wheezy] - tiff <no-dsa> (Minor issue)
 	NOTE: https://github.com/vadz/libtiff/commit/43c0b81a818640429317c80fea1e66771e85024b#diff-c8b4b355f9b5c06d585b23138e1c185f
 CVE-2016-9537 [Out-of-bounds write vulnerabilities in tools/tiffcrop.c]
 	- tiff 4.0.7-1

Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt	2016-11-24 21:10:11 UTC (rev 46516)
+++ data/dla-needed.txt	2016-11-24 21:12:34 UTC (rev 46517)
@@ -110,3 +110,14 @@
   NOTE: 20161123: I'm currently working on three new CVEs which were disclosed yesterday.
 --
 hdf5
+--
+xen
+--
+lxc
+  NOTE: A privilege escalation of this should be seen as a problem.
+--
+w3m
+--
+tiff
+--
+libsoap-lite-perl

More information about the Secure-testing-commits mailing list