[Secure-testing-commits] r48035 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Jan 14 14:14:34 UTC 2017
Author: carnil
Date: 2017-01-14 14:14:34 +0000 (Sat, 14 Jan 2017)
New Revision: 48035
Modified:
data/CVE/list
Log:
Record more fixes for jessie via 8.7
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-14 14:14:07 UTC (rev 48034)
+++ data/CVE/list 2017-01-14 14:14:34 UTC (rev 48035)
@@ -459,7 +459,7 @@
CVE-2017-5195 [Out of bounds read in certain incomplete control codes]
RESERVED
- irssi 0.8.21-1 (bug #850403)
- [jessie] - irssi <no-dsa> (Minor issue)
+ [jessie] - irssi 0.8.17-1+deb8u3
[wheezy] - irssi <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/2
NOTE: https://github.com/irssi/irssi/commit/6c6c42e3d1b49d90aacc0b67f8540471cae02a1d
@@ -467,7 +467,7 @@
CVE-2017-5194 [Use after free when receiving invalid nick message]
RESERVED
- irssi 0.8.21-1 (bug #850403)
- [jessie] - irssi <no-dsa> (Minor issue)
+ [jessie] - irssi 0.8.17-1+deb8u3
[wheezy] - irssi <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/2
NOTE: https://github.com/irssi/irssi/commit/6c6c42e3d1b49d90aacc0b67f8540471cae02a1d
@@ -475,7 +475,7 @@
CVE-2017-5193 [NULL pointer dereference in the nickcmp function]
RESERVED
- irssi 0.8.21-1 (bug #850403)
- [jessie] - irssi <no-dsa> (Minor issue)
+ [jessie] - irssi 0.8.17-1+deb8u3
[wheezy] - irssi <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/2
NOTE: https://github.com/irssi/irssi/commit/6c6c42e3d1b49d90aacc0b67f8540471cae02a1d
@@ -4049,7 +4049,7 @@
NOTE: Cf. https://bugs.debian.org/847666
CVE-2016-9938 (An issue was discovered in Asterisk Open Source 11.x before 11.25.1, ...)
- asterisk 1:13.13.1~dfsg-1 (bug #847668)
- [jessie] - asterisk <no-dsa> (Minor issue)
+ [jessie] - asterisk 1:11.13.1~dfsg-2+deb8u2
[wheezy] - asterisk <no-dsa> (Minor issue)
NOTE: http://downloads.asterisk.org/pub/security/AST-2016-009.html
NOTE: Only applicable if a proxy is in use.
@@ -30641,7 +30641,7 @@
NOT-FOR-US: Foxit
CVE-2016-4074 (The jv_dump_term function in jq 1.5 allows remote attackers to cause a ...)
- jq 1.5+dfsg-1.1 (low; bug #822456)
- [jessie] - jq <no-dsa> (Minor issue)
+ [jessie] - jq 1.4-2.1+deb8u1
NOTE: https://github.com/stedolan/jq/issues/1136
NOTE: http://www.openwall.com/lists/oss-security/2016/04/24/3
CVE-2016-4069 (Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail ...)
@@ -30866,7 +30866,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2016/04/20/5
CVE-2015-8863 (Off-by-one error in the tokenadd function in jv_parse.c in jq allows ...)
- jq 1.5+dfsg-1.1 (low; bug #802231)
- [jessie] - jq <no-dsa> (Minor issue)
+ [jessie] - jq 1.4-2.1+deb8u1
NOTE: https://github.com/stedolan/jq/issues/995
NOTE: https://github.com/stedolan/jq/commit/8eb1367ca44e772963e704a700ef72ae2e12babd
NOTE: http://www.openwall.com/lists/oss-security/2016/04/23/1
More information about the Secure-testing-commits
mailing list