[Secure-testing-commits] r45306 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Oct 14 10:55:12 UTC 2016
Author: carnil
Date: 2016-10-14 10:55:12 +0000 (Fri, 14 Oct 2016)
New Revision: 45306
Modified:
data/CVE/list
Log:
tigervnc entered the archive, mark as undetermined to check the issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-10-14 10:26:58 UTC (rev 45305)
+++ data/CVE/list 2016-10-14 10:55:12 UTC (rev 45306)
@@ -57605,10 +57605,10 @@
[squeeze] - librsync <no-dsa> (Minor issue, too instrusive to backport)
CVE-2014-8241
RESERVED
- - tigervnc <itp> (bug #650394)
+ - tigervnc <undetermined>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1151312
CVE-2014-8240 (Integer overflow in TigerVNC allows remote VNC servers to cause a ...)
- - tigervnc <itp> (bug #650394)
+ - tigervnc <undetermined>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1151307
CVE-2014-8086 (Race condition in the ext4_file_write_iter function in fs/ext4/file.c ...)
- linux 3.16.7-ckt2-1
@@ -79296,7 +79296,7 @@
NOTE: introduced by https://github.com/mitsuhiko/jinja2/commit/acb672b6a179567632e032f547582f30fa2f4aa7
CVE-2014-0011 [ZRLE decoding bounds checking issue]
RESERVED
- - tigervnc <itp> (bug #650394)
+ - tigervnc <undetermined>
- vnc4 <unfixed> (unimportant)
NOTE: may affect related *VNC implementations if built with NDEBUG
NOTE: e.g. vnc4 seems to have similar code in common/rfb/zrleDecode.h
@@ -125002,7 +125002,7 @@
{DSA-2264-1 DSA-2240-1}
- linux-2.6 2.6.39-1 (low)
CVE-2011-1775 (The CSecurityTLS::processMsg function in common/rfb/CSecurityTLS.cxx ...)
- - tigervnc <itp> (bug #650394)
+ - tigervnc <undetermined>
CVE-2011-1774 (WebKit in Apple Safari before 5.0.6 has improper libxslt security ...)
NOTE: CVE-2011-1774 is about webkit's interface to xmlsec, CVE-2011-1425 is the actual issue
NOTE: http://www.openwall.com/lists/oss-security/2011/05/09/4
More information about the Secure-testing-commits
mailing list