[Secure-testing-commits] r48932 - in data: CVE DLA

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Feb 14 19:00:55 UTC 2017 

Author: carnil
Date: 2017-02-14 19:00:55 +0000 (Tue, 14 Feb 2017)
New Revision: 48932

Modified:
   data/CVE/list
   data/DLA/list
Log:
CVE-2015-8983 assigned

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-02-14 18:58:52 UTC (rev 48931)
+++ data/CVE/list	2017-02-14 19:00:55 UTC (rev 48932)
@@ -65498,17 +65498,15 @@
 	NOT-FOR-US: Contact Form DB (aka CFDB and contact-form-7-to-database-extension) plugin for WordPress
 CVE-2015-2039 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)
 	NOT-FOR-US: Acobot Live Chat & Contact Form plugin for WordPress
-CVE-2015-XXXX [_IO_wstr_overflow integer overflow]
+CVE-2015-8983 [_IO_wstr_overflow integer overflow]
 	- eglibc <removed>
 	[wheezy] - eglibc 2.13-38+deb7u9
 	- glibc 2.21-1 (bug #779587)
 	[jessie] - glibc 2.19-18+deb8u2
-	[squeeze] - eglibc 2.11.3-4+deb6u7
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=17269
 	NOTE: Fixed upstream in 2.22
 	NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=bdf1ff052a8e23d637f2c838fa5642d78fcedc33
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/22/15
-	NOTE: Added workaround entry for DLA-316-1 until CVE assigned.
+	NOTE: http://www.openwall.com/lists/oss-security/2015/02/22/15
 CVE-2015-8477 [Potential XSS vulnerability when rendering some flash messages]
 	RESERVED
 	- redmine 3.0~20140825-5 (low)

Modified: data/DLA/list
===================================================================
--- data/DLA/list	2017-02-14 18:58:52 UTC (rev 48931)
+++ data/DLA/list	2017-02-14 19:00:55 UTC (rev 48932)
@@ -1542,7 +1542,7 @@
 	{CVE-2014-9638 CVE-2014-9639 CVE-2014-9640 CVE-2015-6749}
 	[squeeze] - vorbis-tools 1.4.0-1+deb6u1
 [27 Sep 2015] DLA-316-1 eglibc - security update
-	{CVE-2014-8121 CVE-2015-8777}
+	{CVE-2014-8121 CVE-2015-8777 CVE-2015-8983}
 	[squeeze] - eglibc 2.11.3-4+deb6u7
 [26 Sep 2015] DLA-315-1 nss - security update
 	{CVE-2015-2721 CVE-2015-2730}

More information about the Secure-testing-commits mailing list