[Secure-testing-commits] r58994 - in data: . CVE
Emilio Pozuelo Monfort
pochu at moszumanska.debian.org
Thu Dec 28 10:20:11 UTC 2017
Author: pochu
Date: 2017-12-28 10:20:11 +0000 (Thu, 28 Dec 2017)
New Revision: 58994
Modified:
data/CVE/list
data/dla-needed.txt
Log:
nasm no-dsa on wheezy as well
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-28 10:19:28 UTC (rev 58993)
+++ data/CVE/list 2017-12-28 10:20:11 UTC (rev 58994)
@@ -405,59 +405,70 @@
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
+ [wheezy] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392433
CVE-2017-17819 (In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access ...)
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
+ [wheezy] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392435
NOTE: http://repo.or.cz/nasm.git/commit/7524cfd91492e6e3719b959498be584a9ced13af (nasm-2.13.02rc3)
CVE-2017-17818 (In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer ...)
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
+ [wheezy] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392428
CVE-2017-17817 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in ...)
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
+ [wheezy] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392427
CVE-2017-17816 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in ...)
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
+ [wheezy] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392426
CVE-2017-17815 (In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access ...)
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
+ [wheezy] - nasm <no-dsa> (Minor issue)
NOTE: http://repo.or.cz/nasm.git/commit/c9244eaadd05b27637cde06021bac3fa1d920aa3 (nasm-2.13.02rc3)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392436
CVE-2017-17814 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in ...)
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
+ [wheezy] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392430
CVE-2017-17813 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in the ...)
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
+ [wheezy] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392429
CVE-2017-17812 (In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer ...)
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
+ [wheezy] - nasm <no-dsa> (Minor issue)
NOTE: http://repo.or.cz/nasm.git/commit/9b7ee09abfd426b99aa1ea81d19a3b2818eeabf9 (nasm-2.13.02rc3)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392424
CVE-2017-17811 (In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer ...)
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
+ [wheezy] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392432
CVE-2017-17810 (In Netwide Assembler (NASM) 2.14rc0, there is a "SEGV on unknown ...)
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
+ [wheezy] - nasm <no-dsa> (Minor issue)
NOTE: http://repo.or.cz/nasm.git/commit/59ce1c67b16967c652765e62aa130b7e43f21dd4 (nasm-2.13.02rc3)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392431
CVE-2017-17809 (In Golden Frog VyprVPN before 2.15.0.5828 for macOS, the vyprvpnservice ...)
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2017-12-28 10:19:28 UTC (rev 58993)
+++ data/dla-needed.txt 2017-12-28 10:20:11 UTC (rev 58994)
@@ -53,8 +53,6 @@
mupdf
NOTE: 20171224: Upstream patch does not apply to LTS cleanly. Might need hanges to apps/pdfclean.c rather than pdf-write.c (lamby)
--
-nasm
---
rtpproxy
NOTE: it's not clear to me if a fix is even possible. (Raphaël Hertzog)
--
More information about the Secure-testing-commits
mailing list