[Secure-testing-commits] r45439 - data/CVE

security tracker role sectracker at moszumanska.debian.org
Tue Oct 18 21:10:12 UTC 2016 

Author: sectracker
Date: 2016-10-18 21:10:11 +0000 (Tue, 18 Oct 2016)
New Revision: 45439

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-10-18 20:35:36 UTC (rev 45438)
+++ data/CVE/list	2016-10-18 21:10:11 UTC (rev 45439)
@@ -30,7 +30,7 @@
 	RESERVED
 CVE-2016-6911 [invalid read in gdImageCreateFromTiffPtr()]
 	RESERVED
-	{DSA-3693-1}
+	{DSA-3693-1 DLA-665-1}
 	- libgd2 <unfixed> (bug #840806)
 	NOTE: Corresponds to the 0020-Fix-invalid-read-in-gdImageCreateFromTiffPtr.patch patch
 CVE-2016-8703
@@ -156,7 +156,7 @@
 	NOTE: (Wheezy) Crash is not reproducible with reprocuder. Needs clarification from upstream.
 CVE-2016-8670 [Stack Buffer Overflow in GD dynamicGetbuf]
 	RESERVED
-	{DSA-3693-1}
+	{DSA-3693-1 DLA-665-1}
 	- libgd2 <unfixed> (bug #840805)
 	NOTE: Workaround entry for DSA-3693-1 until CVE assigned
 	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73280
@@ -334,12 +334,14 @@
 	NOTE: Fixed by: https://git.kernel.org/linus/ded89912156b1a47d940a0c954c43afbabd0c42c (v4.8-rc8)
 CVE-2016-8606 [REPL server vulnerable to HTTP inter-protocol attacks]
 	RESERVED
+	{DLA-666-1}
 	- guile-2.0 <unfixed> (low; bug #840555)
 	[jessie] - guile-2.0 <no-dsa> (Minor issue)
 	- guile-1.8 <not-affected> (repl server introduced in 2.0)
 	NOTE: Patch: http://git.savannah.gnu.org/cgit/guile.git/commit/?h=stable-2.0&id=08c021916dbd3a235a9f9cc33df4c418c0724e03
 CVE-2016-8605 [Thread-unsafe umask modification]
 	RESERVED
+	{DLA-666-1}
 	- guile-2.0 <unfixed> (low; bug #840556)
 	[jessie] - guile-2.0 <no-dsa> (Minor issue)
 	- guile-1.8 <not-affected> (repl server introduced in 2.0)
@@ -2571,10 +2573,12 @@
 	NOTE: https://cgit.freedesktop.org/xorg/lib/libXtst/commit/?id=9556ad67af3129ec4a7a4f4b54a0d59701beeae3
 CVE-2016-7950
 	RESERVED
+	{DLA-664-1}
 	- libxrender <unfixed> (bug #840443)
 	NOTE: https://cgit.freedesktop.org/xorg/lib/libXrender/commit/?id=8fad00b0b647ee662ce4737ca15be033b7a21714
 CVE-2016-7949
 	RESERVED
+	{DLA-664-1}
 	- libxrender <unfixed> (bug #840443)
 	NOTE: https://cgit.freedesktop.org/xorg/lib/libXrender/commit/?id=9362c7ddd1af3b168953d0737877bc52d79c94f4
 CVE-2016-7948 [for all of the other mishandling of the reply data]
@@ -24317,6 +24321,7 @@
 	NOTE: https://github.com/perl5-dbi/DBD-mysql/commit/7c164a0c86cec6ee95df1d141e67b0e85dfdefd2 (4.037)
 CVE-2016-1245
 	RESERVED
+	{DSA-3695-1 DLA-662-1}
 	- quagga 1.0.20160315-3 (bug #841162)
 	NOTE: Fixed by: https://github.com/Quagga/quagga/commit/cfb1fae25f8c092e0d17073eaf7bd428ce1cd546
 	NOTE: https://lists.quagga.net/pipermail/quagga-users/2016-October/014478.html

More information about the Secure-testing-commits mailing list