[Secure-testing-commits] r45468 - in data: CVE DLA DSA

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Oct 20 05:13:32 UTC 2016 

Author: carnil
Date: 2016-10-20 05:13:32 +0000 (Thu, 20 Oct 2016)
New Revision: 45468

Modified:
   data/CVE/list
   data/DLA/list
   data/DSA/list
Log:
CVE-2016-8860/tor assigned

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-10-19 21:10:11 UTC (rev 45467)
+++ data/CVE/list	2016-10-20 05:13:32 UTC (rev 45468)
@@ -2,15 +2,12 @@
 	- imagemagick <unfixed>
 	NOTE: https://blogs.gentoo.org/ago/2016/10/17/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c/
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/10/17/4
-CVE-2016-XXXX [tor DoS]
+CVE-2016-8860 [tor DoS]
 	- tor 0.2.8.9-1
-	[jessie] - tor 0.2.5.12-3
-	[wheezy] - tor 0.2.4.27-2
-	NOTE: Workaround entry for DSA-3694-1/DLA-663-1 until CVE assigned
 	NOTE: https://trac.torproject.org/projects/tor/ticket/20384
 	NOTE: https://blog.torproject.org/blog/tor-0289-released-important-fixes
 	NOTE: https://github.com/torproject/tor/commit/3cea86eb2fbb65949673eb4ba8ebb695c87a57ce
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/10/18/11
+	NOTE: http://www.openwall.com/lists/oss-security/2016/10/18/11
 CVE-2016-XXXX [Use After Free in unserialize()]
 	- php7.0 7.0.12-1
 	- php5 <unfixed>

Modified: data/DLA/list
===================================================================
--- data/DLA/list	2016-10-19 21:10:11 UTC (rev 45467)
+++ data/DLA/list	2016-10-20 05:13:32 UTC (rev 45468)
@@ -23,6 +23,7 @@
 	{CVE-2016-7949 CVE-2016-7950}
 	[wheezy] - libxrender 1:0.9.7-1+deb7u3
 [18 Oct 2016] DLA-663-1 tor - security update
+	{CVE-2016-8860}
 	[wheezy] - tor 0.2.4.27-2
 [18 Oct 2016] DLA-662-1 quagga - security update
 	{CVE-2016-1245}

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2016-10-19 21:10:11 UTC (rev 45467)
+++ data/DSA/list	2016-10-20 05:13:32 UTC (rev 45468)
@@ -5,6 +5,7 @@
 	{CVE-2016-1245}
 	[jessie] - quagga 0.99.23.1-1+deb8u3
 [18 Oct 2016] DSA-3694-1 tor - security update
+	{CVE-2016-8860}
 	[jessie] - tor 0.2.5.12-3
 [14 Oct 2016] DSA-3693-1 libgd2 - security update
 	{CVE-2016-6911 CVE-2016-7568 CVE-2016-8670}

More information about the Secure-testing-commits mailing list