[Secure-testing-commits] r45409 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Mon Oct 17 21:10:18 UTC 2016


Author: sectracker
Date: 2016-10-17 21:10:18 +0000 (Mon, 17 Oct 2016)
New Revision: 45409

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-10-17 20:29:18 UTC (rev 45408)
+++ data/CVE/list	2016-10-17 21:10:18 UTC (rev 45409)
@@ -1,3 +1,17 @@
+CVE-2016-8673
+	RESERVED
+CVE-2016-8672
+	RESERVED
+CVE-2005-4900 (SHA-1 is not collision resistant, which makes it easier for ...)
+	TODO: check
+CVE-2005-4899
+	RESERVED
+CVE-2005-4898
+	RESERVED
+CVE-2005-4897
+	RESERVED
+CVE-2005-4896
+	RESERVED
 CVE-2016-6911 [invalid read in gdImageCreateFromTiffPtr()]
 	RESERVED
 	{DSA-3693-1}
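Review bot: CVE-2005-4900 near the top of this hunk is added with only "TODO: check", and its description ("SHA-1 is not collision resistant ...") names a property of the hash rather than a flaw in one package. When it is triaged, record a NOTE saying how the tracker treats it, as the list already does further down for a generic cryptographic weakness, rather than leaving the TODO open.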
@@ -4,66 +18,84 @@
 	- libgd2 <unfixed> (bug #840806)
 	NOTE: Corresponds to the 0020-Fix-invalid-read-in-gdImageCreateFromTiffPtr.patch patch
 CVE-2016-8703
+	RESERVED
 	- potrace 1.13-1
 	NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c/
 	TODO: check
 CVE-2016-8702
+	RESERVED
 	- potrace 1.13-1
 	NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c/
 	TODO: check
 CVE-2016-8701
+	RESERVED
 	- potrace 1.13-1
 	NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c/
 	TODO: check
 CVE-2016-8700
+	RESERVED
 	- potrace 1.13-1
 	NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c/
 	TODO: check
 CVE-2016-8699
+	RESERVED
 	- potrace 1.13-1
 	NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c/
 	TODO: check
 CVE-2016-8698
+	RESERVED
 	- potrace 1.13-1
 	NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c/
 	TODO: check
 CVE-2016-8697 [AddressSanitizer: FPE on unknown address 0x508d51 in bm_new ... bitmap.h]
+	RESERVED
 	- potrace 1.13-1
 	NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-divide-by-zero-in-bm_new-bitmap-h/
 	TODO: check
 CVE-2016-8696
+	RESERVED
 	- potrace 1.13-1
 	NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiple-three-null-pointer-dereference-in-bm_readbody_bmp-bitmap_io-c/
 	TODO: check
 CVE-2016-8695
+	RESERVED
 	- potrace 1.13-1
 	NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiple-three-null-pointer-dereference-in-bm_readbody_bmp-bitmap_io-c/
 	TODO: check
 CVE-2016-8694
+	RESERVED
 	- potrace 1.13-1
 	NOTE: https://blogs.gentoo.org/ago/2016/08/08/potrace-multiple-three-null-pointer-dereference-in-bm_readbody_bmp-bitmap_io-c/
 	TODO: check
 CVE-2016-8693 [attempting double-free ... mem_close ... jas_stream.c]
+	RESERVED
 	- jasper <unfixed> (bug #841110)
 	NOTE: https://blogs.gentoo.org/ago/2016/10/16/jasper-double-free-in-mem_close-jas_stream-c/
 CVE-2016-8692 [FPE on unknown address ... jpc_dec_process_siz ... jpc_dec.c]
+	RESERVED
 	- jasper <unfixed> (bug #841111)
 	NOTE: https://blogs.gentoo.org/ago/2016/10/16/jasper-two-divide-by-zero-in-jpc_dec_process_siz-jpc_dec-c/
 	NOTE: Fixed by: https://github.com/mdadams/jasper/commit/d8c2604cd438c41ec72aff52c16ebd8183068020 (version-1.900.4)
 CVE-2016-8691 [FPE on unknown address ... jpc_dec_process_siz ... jpc_dec.c]
+	RESERVED
 	- jasper <unfixed> (bug #841111)
 	NOTE: https://blogs.gentoo.org/ago/2016/10/16/jasper-two-divide-by-zero-in-jpc_dec_process_siz-jpc_dec-c/
 	NOTE: Fixed by: https://github.com/mdadams/jasper/commit/d8c2604cd438c41ec72aff52c16ebd8183068020 (version-1.900.4)
 CVE-2016-8690 [SEGV on unknown address ... bmp_getdata ... bmp_dec.c]
+	RESERVED
 	- jasper <unfixed> (bug #841112)
 	NOTE: CVE ID for the first and fifth items of http://www.openwall.com/lists/oss-security/2016/08/23/6 post
 	NOTE: https://blogs.gentoo.org/ago/2016/10/16/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c/
 CVE-2016-8689
+	RESERVED
+	{DLA-661-1}
 	- libarchive 3.2.1-5 (bug #840934)
 	NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-read_header-archive_read_support_format_7zip-c/
 	NOTE: https://github.com/libarchive/libarchive/issues/761
 	NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/7f17c791dcfd8c0416e2cd2485b19410e47ef126
 CVE-2016-8688
+	RESERVED
+	{DLA-661-1}
 	- libarchive 3.2.1-5 (bug #840935)
 	NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-detect_form-archive_read_support_format_mtree-c/
 	NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-memory-corruptionunknown-crash-in-bid_entry-archive_read_support_format_mtree-c/
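Review bot: the six potrace entries CVE-2016-8703 through CVE-2016-8698 now carry RESERVED but still have no bracketed description, and all six point at the same blogs.gentoo.org NOTE, so nothing in the list says which overflow each ID covers. Give each one a "[...]" summary as CVE-2016-8697 has, and resolve the "TODO: check" lines at the same time. CVE-2016-8696 through CVE-2016-8694 have the same problem with their shared NOTE.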
@@ -72,34 +104,42 @@
 	NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-use-after-free-in-detect_form-archive_read_support_format_mtree-c/
 	NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/eec077f52bfa2d3f7103b4b74d52572ba8a15aca
 CVE-2016-8687
+	RESERVED
+	{DLA-661-1}
 	- libarchive 3.2.1-5 (bug #840936)
 	NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-stack-based-buffer-overflow-in-bsdtar_expand_char-util-c/
 	NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/e37b620fe8f14535d737e89a4dcabaed4517bf1a
 	NOTE: https://github.com/libarchive/libarchive/issues/767
 CVE-2016-8678 [heap-based buffer overflow in IsPixelMonochrome]
+	RESERVED
 	- imagemagick <unfixed>
 	NOTE: https://blogs.gentoo.org/ago/2016/10/07/imagemagick-heap-based-buffer-overflow-in-ispixelmonochrome-pixel-accessor-h/
 	TODO: check
 CVE-2016-8677 [memory allocate failure in AcquireQuantumPixels]
+	RESERVED
 	- imagemagick <unfixed>
 	NOTE: https://blogs.gentoo.org/ago/2016/10/07/imagemagick-memory-allocate-failure-in-acquirequantumpixels-quantum-c/
 	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/6e48aa92ff4e6e95424300ecd52a9ea453c19c60
 	TODO: check
 CVE-2016-8676 [Issue that remains after addressing CVE-2016-8675 with e5b019725f53b79159931d3a7317107cbbfd0860]
+	RESERVED
 	- libav <removed>
 	NOTE: https://blogs.gentoo.org/ago/2016/09/07/libav-null-pointer-dereference-in-get_vlc2_get_bits_h/
 CVE-2016-8675
+	RESERVED
 	- libav <removed>
 	NOTE: https://blogs.gentoo.org/ago/2016/09/07/libav-null-pointer-dereference-in-get_vlc2_get_bits_h/
 	NOTE: Fixed by: https://github.com/libav/libav/commit/e5b019725f53b79159931d3a7317107cbbfd0860
 	NOTE: Cf. CVE-2016-8676 as well which remain unfixed after e5b019725f53b79159931d3a7317107cbbfd0860
 CVE-2016-8674
+	RESERVED
 	- mupdf <unfixed> (bug #840957)
 	NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;h=1e03c06456d997435019fb3526fa2d4be7dbc6ec
 	NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=697015
 	NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=697019
 	NOTE: (Wheezy) Crash is not reproducible with reprocuder. Needs clarification from upstream.
 CVE-2016-8670 [Stack Buffer Overflow in GD dynamicGetbuf]
+	RESERVED
 	{DSA-3693-1}
 	- libgd2 <unfixed> (bug #840805)
 	NOTE: Workaround entry for DSA-3693-1 until CVE assigned
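Review bot: in the CVE-2016-8670 entry, the context line "NOTE: Workaround entry for DSA-3693-1 until CVE assigned" reads as stale, since the entry is already filed under a CVE ID and this hunk adds RESERVED to it; drop or reword the NOTE. In the same hunk, the Wheezy NOTE on CVE-2016-8674 has the typo "reprocuder" for "reproducer".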
@@ -107,14 +147,17 @@
 	NOTE: https://github.com/libgd/libgd/commit/53110871935244816bbb9d131da0bccff734bfe9
 	NOTE: http://www.openwall.com/lists/oss-security/2016/10/15/1
 CVE-2016-8671 [Incomplete fix for CVE-2016-6887]
+	RESERVED
 	- matrixssl <not-affected> (Incomplete fix for CVE-2016-6887 not applied)
 	NOTE: https://blog.fuzzing-project.org/54-Update-on-MatrixSSL-miscalculation-incomplete-fix-for-CVE-2016-6887.html
 CVE-2016-8669 [char: divide by zero error in serial_update_parameters]
+	RESERVED
 	- qemu <unfixed> (bug #840945)
 	- qemu-kvm <removed>
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02461.html
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1384909
 CVE-2016-8668 [net: OOB buffer access in rocker switch emulation]
+	RESERVED
 	- qemu <unfixed> (bug #840948)
 	[jessie] - qemu <not-affected> (Vulnerable code introduced after v2.4.0-rc0)
 	[wheezy] - qemu <not-affected> (Vulnerable code introduced after v2.4.0-rc0)
@@ -122,6 +165,7 @@
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02501.html
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1384896
 CVE-2016-8667 [dma: rc4030 divide by zero error in set_next_tick]
+	RESERVED
 	- qemu <unfixed> (bug #840950)
 	- qemu-kvm <removed>
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02577.html
@@ -255,23 +299,20 @@
 	RESERVED
 CVE-2016-8594
 	RESERVED
-CVE-2016-8666 [tunnels: Don't apply GRO to multiple layers of encapsulation]
-	RESERVED
+CVE-2016-8666 (The IP stack in the Linux kernel before 4.6 allows remote attackers to ...)
 	- linux 4.6.1-1
 	[jessie] - linux 3.6.36-1
 	[wheezy] - linux <not-affected> (Vulnerable code introduced later)
 	NOTE: Fixed by: https://git.kernel.org/linus/fac8e0f579695a3ecbc4d3cac369139d7f819971
 	NOTE: Introduced by: htttps://git.kernel.org/linus/bf5a755f5e9186406bbf50f4087100af5bd68e40
 	NOTE: http://www.openwall.com/lists/oss-security/2016/10/13/11
-CVE-2016-8660 [local DoS due to a page lock order bug in the XFS seek hole/data implementation]
-	RESERVED
+CVE-2016-8660 (The XFS subsystem in the Linux kernel through 4.8.2 allows local users ...)
 	- linux <unfixed>
 CVE-2016-8659 [privilege escalation via ptrace]
 	RESERVED
 	- bubblewrap 0.1.2-2 (bug #840605)
 	NOTE: https://github.com/projectatomic/bubblewrap/issues/107
-CVE-2016-8658 [Broadcom Wifi Driver Brcmfmac brcmf_cfg80211_start_ap Buffer Overflow]
-	RESERVED
+CVE-2016-8658 (Stack-based buffer overflow in the brcmf_cfg80211_start_ap function in ...)
 	- linux 4.7.5-1
 	[wheezy] - linux <not-affected> (Vulnerable code introduced later in 3.7)
 	NOTE: Fixed by: https://git.kernel.org/linus/ded89912156b1a47d940a0c954c43afbabd0c42c (v4.8-rc8)
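Review bot: the CVE-2016-8666 entry touched here keeps two errors in its context lines. "[jessie] - linux 3.6.36-1" does not look like a jessie kernel version (the jessie linux line under CVE-2015-3288 reads 3.16.7-ckt17-1, so 3.16.36-1 is probably meant), and the "Introduced by:" URL starts with "htttps://". Both need a manual follow-up, the version first, because a wrong fixed version changes the reported jessie status.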
@@ -506,34 +547,42 @@
 	NOTE: already have root privileges could induce systemd to send messages
 	NOTE: that would trigger the format string vulnerability.
 CVE-2016-8686 [memory allocation failure]
+	RESERVED
 	- potrace <unfixed>
 	NOTE: https://blogs.gentoo.org/ago/2016/08/29/potrace-memory-allocation-failure
 CVE-2016-8685 [invalid memory access in findnext (decompose.c)]
+	RESERVED
 	- potrace <unfixed>
 	NOTE: https://blogs.gentoo.org/ago/2016/08/29/potrace-invalid-memory-access-in-findnext-decompose-c/
 CVE-2016-8684 [memory allocation failure in MagickMalloc (memory.c)]
+	RESERVED
 	- graphicsmagick <unfixed>
 	NOTE: https://blogs.gentoo.org/ago/2016/09/15/graphicsmagick-memory-allocation-failure-in-magickmalloc-memory-c/
 	NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/c53725cb5449
 CVE-2016-8683 [memory allocation failure in ReadPCXImage (pcx.c)]
+	RESERVED
 	- graphicsmagick <unfixed>
 	NOTE: https://blogs.gentoo.org/ago/2016/09/15/graphicsmagick-memory-allocation-failure-in-readpcximage-pcx-c/
 	NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/b9edafd479b9
 CVE-2016-8682 [stack-based buffer overflow in ReadSCTImage (sct.c)]
+	RESERVED
 	- graphicsmagick <unfixed>
 	NOTE: https://blogs.gentoo.org/ago/2016/09/15/graphicsmagick-stack-based-buffer-overflow-in-readsctimage-sct-c/
 	NOTE: Fixed by: http://hg.code.sf.net/p/graphicsmagick/code/rev/0a0dfa81906d
 CVE-2016-8679 [dwarf_util.c: heap-based buffer overflow in _dwarf_get_size_of_val]
+	RESERVED
 	- dwarfutils <unfixed> (bug #840958)
 	NOTE: http://www.openwall.com/lists/oss-security/2016/10/08/11
 	NOTE: https://sourceforge.net/p/libdwarf/code/ci/2d14a7792889e33bc542c28d0f3792964c46214f/#diff-13
 	NOTE: https://sourceforge.net/p/libdwarf/code/ci/efe48cad0693d6994d9a7b561e1c3833b073a624/#diff-2
 	NOTE: Same fix as CVE-2016-8681 but different issue
 CVE-2016-8680 [dwarf_util.c: heap-based buffer overflow in _dwarf_get_abbrev_for_code]
+	RESERVED
 	- dwarfutils <unfixed> (bug #840960)
 	NOTE: http://www.openwall.com/lists/oss-security/2016/10/08/12
 	NOTE: https://sourceforge.net/p/libdwarf/code/ci/268c1f18d1d28612af3b72d7c670076b1b88e51c/tree/libdwarf/dwarf_util.c?diff=0b28b923c3bd9827d1d904feed2abadde4fa5de2
 CVE-2016-8681 [dwarf_util.c: heap-based buffer overflow in _dwarf_get_abbrev_for_code second one]
+	RESERVED
 	- dwarfutils <unfixed> (bug #840961)
 	NOTE: https://sourceforge.net/p/libdwarf/code/ci/2d14a7792889e33bc542c28d0f3792964c46214f/#diff-13
 	NOTE: https://sourceforge.net/p/libdwarf/code/ci/efe48cad0693d6994d9a7b561e1c3833b073a624/#diff-2
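Review bot: the entries in this hunk are out of sequence. CVE-2016-8686 through CVE-2016-8679 sit several hundred lines below CVE-2016-8687 (new line 547 versus 104 in the hunk headers), and the last three run upward (8679, 8680, 8681) while the rest of the list descends. Now that the IDs are marked RESERVED, move the block up next to CVE-2016-8687 in descending order so a reader scanning by ID does not take them for missing.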
@@ -2513,10 +2562,12 @@
 	NOTE: https://cgit.freedesktop.org/xorg/lib/libXrender/commit/?id=9362c7ddd1af3b168953d0737877bc52d79c94f4
 CVE-2016-7948 [for all of the other mishandling of the reply data]
 	RESERVED
+	{DLA-660-1}
 	- libxrandr <unfixed> (bug #840441)
 	NOTE: https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6
 CVE-2016-7947 [for all of the integer overflows]
 	RESERVED
+	{DLA-660-1}
 	- libxrandr <unfixed> (bug #840441)
 	NOTE: https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6
 CVE-2016-7946 [for all of the other mishandling of the reply data]
@@ -3664,8 +3715,7 @@
 	RESERVED
 CVE-2016-7426
 	RESERVED
-CVE-2016-7425 [SCSI arcmsr driver: buffer overflow in arcmsr_iop_message_xfer()]
-	RESERVED
+CVE-2016-7425 (The arcmsr_iop_message_xfer function in ...)
 	- linux <unfixed>
 	NOTE: http://marc.info/?l=linux-scsi&m=147394713328707&w=2
 	NOTE: Upstream commit: https://git.kernel.org/linus/7bc2b55a5c030685b399bb65b6baa9ccc3d1f167
@@ -4736,8 +4786,7 @@
 	[wheezy] - wget <no-dsa> (Minor issue)
 	NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=9ffb64ba6a8121909b01e984deddce8d096c498d
 	NOTE: http://git.savannah.gnu.org/cgit/wget.git/commit/?id=690c47e3b18c099843cdf557a0425d701fca4957
-CVE-2016-7097 [Setting a POSIX ACL via setxattr doesn't clear the setgid bit]
-	RESERVED
+CVE-2016-7097 (The filesystem implementation in the Linux kernel through 4.8.2 ...)
 	- linux <unfixed>
 	NOTE: http://www.spinics.net/lists/linux-fsdevel/msg98328.html
 	NOTE: http://marc.info/?l=linux-fsdevel&m=147162313630259&w=2
@@ -4862,8 +4911,7 @@
 	NOTE: http://irssi.org/security/irssi_sa_2016.txt
 CVE-2016-7043
 	RESERVED
-CVE-2016-7042 [Stack corruption while reading /proc/keys]
-	RESERVED
+CVE-2016-7042 (The proc_keys_show function in security/keys/proc.c in the Linux ...)
 	- linux <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1373966
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1373499 (not yet opened)
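Review bot: CVE-2016-7042 switches from RESERVED to a published description here, but the context line "NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1373499 (not yet opened)" still says the bug is private. Recheck the bug's visibility and update or drop the parenthetical.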
@@ -4871,8 +4919,7 @@
 	RESERVED
 CVE-2016-7040 (Red Hat CloudForms Management Engine 4.1 does not properly handle ...)
 	NOT-FOR-US: Red Hat CloudForms
-CVE-2016-7039 [net: add recursion limit to GRO]
-	RESERVED
+CVE-2016-7039 (The IP stack in the Linux kernel through 4.8.2 allows remote attackers ...)
 	- linux <unfixed>
 	[jessie] - linux <not-affected> (Vulnerable code introduced later)
 	[wheezy] - linux <not-affected> (Vulnerable code introduced later)
@@ -5379,8 +5426,7 @@
 	NOTE: http://lists.nongnu.org/archive/html/chicken-announce/2016-08/msg00001.html
 	NOTE: https://lists.nongnu.org/archive/html/chicken-hackers/2016-07/txtSWHYeFeG0R.txt
 	NOTE: http://bugs.call-cc.org/ticket/1308
-CVE-2016-6828 [Linux tcp_xmit_retransmit_queue use after free]
-	RESERVED
+CVE-2016-6828 (The tcp_check_send_head function in include/net/tcp.h in the Linux ...)
 	{DSA-3659-1 DLA-609-1}
 	- linux 4.7.2-1
 	NOTE: Fixed by: https://github.com/torvalds/linux/commit/bb1fceca22492109be12640d49f5ea5a544c6bb4
@@ -5460,14 +5506,12 @@
 	[wheezy] - suricata <no-dsa> (Minor issue)
 	[squeeze] - suricata <no-dsa> (Minor issue)
 	NOTE: https://redmine.openinfosecfoundation.org/issues/1364
-CVE-2015-8953
-	RESERVED
+CVE-2015-8953 (fs/overlayfs/copy_up.c in the Linux kernel before 4.2.6 uses an ...)
 	- linux 4.2.6-1
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
 	NOTE: Fixed by: https://git.kernel.org/linus/ab79efab0a0ba01a74df782eb7fa44b044dae8b5 (v4.3)
-CVE-2015-8952
-	RESERVED
+CVE-2015-8952 (The mbcache feature in the ext2 and ext4 filesystem implementations in ...)
 	- linux 4.6.1-1 (low)
 	[jessie] - linux <no-dsa> (Minor issue and too intrusive to backport, workaround exists with the no_mbcache mount flag)
 	NOTE: https://git.kernel.org/linus/f9a61eb4e2471c56a63cd804c7474128138c38ac (v4.6-rc1)
@@ -7041,8 +7085,7 @@
 	NOTE: This is a generic cryptographic weakness, not a vulnerability in OpenVPN per se
 CVE-2016-6328
 	RESERVED
-CVE-2016-6327
-	RESERVED
+CVE-2016-6327 (drivers/infiniband/ulp/srpt/ib_srpt.c in the Linux kernel before 4.5.1 ...)
 	- linux 4.6.1-1
 	[wheezy] - linux <not-affected> (Vulnerable code introduced later)
 	NOTE: Fixed by: https://git.kernel.org/linus/51093254bf879bc9ce96590400a87897c7498463 (4.6-rc1)
@@ -10839,7 +10882,7 @@
 	- firefox-esr 45.3.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-72/
 CVE-2016-5257 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
-	{DSA-3690-1 DSA-3674-1 DLA-636-1 DLA-658-1}
+	{DSA-3690-1 DSA-3674-1 DLA-658-1 DLA-636-1}
 	- firefox 49.0-1
 	- firefox-esr 45.4.0esr-1
 	- icedove 1:45.4.0-1
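Review bot: the only change to CVE-2016-5257 is swapping DLA-636-1 and DLA-658-1 inside the braces, which changes nothing about the entry. If the automatic update does not emit the cross-references in a fixed order, this line will keep producing no-op diffs; it is worth making the ordering deterministic.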
@@ -25281,8 +25324,8 @@
 	TODO: check
 CVE-2016-0925 (Cross-site scripting (XSS) vulnerability in the Case Management ...)
 	NOT-FOR-US: EMC RSA Adaptive Authentication
-CVE-2016-0924 (The TLS 1.2 implementation in EMC RSA BSAFE Micro Edition Suite (MES) ...)
-	TODO: check
+CVE-2016-0924
+	REJECTED
 CVE-2016-0923 (The client in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before ...)
 	TODO: check
 CVE-2016-0922 (EMC ViPR SRM before 3.7.2 does not restrict the number of ...)
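Review bot: CVE-2016-0924 goes from a described entry with "TODO: check" to a bare REJECTED, so the list no longer says what the ID referred to or why it was withdrawn. A short NOTE giving the reason for the rejection would help anyone who meets the ID in an older advisory.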
@@ -27410,8 +27453,8 @@
 	RESERVED
 CVE-2016-0250
 	RESERVED
-CVE-2016-0249
-	RESERVED
+CVE-2016-0249 (SQL injection vulnerability in IBM Security Guardium Database Activity ...)
+	TODO: check
 CVE-2016-0248 (IBM Security Guardium 9.0 before p700 and 10.0 before p100 allows ...)
 	TODO: check
 CVE-2016-0247
@@ -27500,8 +27543,8 @@
 	RESERVED
 CVE-2016-0205
 	RESERVED
-CVE-2016-0204
-	RESERVED
+CVE-2016-0204 (Open redirect vulnerability in IBM Cloud Orchestrator 2.4.x before ...)
+	TODO: check
 CVE-2016-0203
 	RESERVED
 CVE-2016-0202
@@ -42878,8 +42921,7 @@
 	- glance 2015.1.0-4 (bug #793896)
 	[jessie] - glance <not-affected> (Vulnerable code introduced later)
 	[wheezy] - glance <not-affected> (Vulnerable code introduced later)
-CVE-2015-3288 [zero page memory arbitrary modification]
-	RESERVED
+CVE-2015-3288 (mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous ...)
 	- linux 4.2-1
 	[jessie] - linux 3.16.7-ckt17-1
 	[wheezy] - linux 3.2.71-1



