[Secure-testing-commits] r49866 - in data: CVE DLA

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Mar 21 05:58:48 UTC 2017 

Author: carnil
Date: 2017-03-21 05:58:48 +0000 (Tue, 21 Mar 2017)
New Revision: 49866

Modified:
   data/CVE/list
   data/DLA/list
Log:
CVE-2014-9939/binutils assigned

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-03-21 05:28:17 UTC (rev 49865)
+++ data/CVE/list	2017-03-21 05:58:48 UTC (rev 49866)
@@ -57678,14 +57678,11 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2015/08/01/5
 	NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=60545d0d4610b02e55f65d141c95b18ccf855b6e (v3.11-rc1)
 	NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f15133df088ecadd141ea1907f2c96df67c729f0 (v4.1-rc3)
-CVE-2015-XXXX [Stack buffer overflow when printing bad bytes in Intel Hex objects]
+CVE-2014-9939 [Stack buffer overflow when printing bad bytes in Intel Hex objects]
 	- binutils 2.25.90.20151125-1
 	[jessie] - binutils <no-dsa> (Minor issue)
-	[wheezy] - binutils 2.22-8+deb7u3
-	[squeeze] - binutils 2.20.1-16+deb6u2
-	NOTE: workaround entry for DLA 324-1-1 and DLA-552-1 until/if CVE assigned
 	- gdb 7.10-1 (unimportant)
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/07/31/6
+	NOTE: http://www.openwall.com/lists/oss-security/2015/07/31/6
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=18750
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commitdiff;h=7e27a9d5f22f9f7ead11738b1546d0b5c737266b
 CVE-2015-5702

Modified: data/DLA/list
===================================================================
--- data/DLA/list	2017-03-21 05:28:17 UTC (rev 49865)
+++ data/DLA/list	2017-03-21 05:58:48 UTC (rev 49866)
@@ -959,7 +959,7 @@
 	{CVE-2016-5387}
 	[wheezy] - apache2 2.2.22-13+deb7u7
 [18 Jul 2016] DLA-552-1 binutils - security update
-	{CVE-2016-2226 CVE-2016-4487 CVE-2016-4488 CVE-2016-4489 CVE-2016-4490 CVE-2016-4492 CVE-2016-4493 CVE-2016-6131}
+	{CVE-2014-9939 CVE-2016-2226 CVE-2016-4487 CVE-2016-4488 CVE-2016-4489 CVE-2016-4490 CVE-2016-4492 CVE-2016-4493 CVE-2016-6131}
 	[wheezy] - binutils 2.22-8+deb7u3
 [17 Jul 2016] DLA-551-1 phpmyadmin - security update
 	{CVE-2016-5731 CVE-2016-5733 CVE-2016-5739}
@@ -1640,7 +1640,7 @@
 	{CVE-2015-2925 CVE-2015-5257 CVE-2015-7613}
 	[squeeze] - linux-2.6 2.6.32-48squeeze16
 [02 Oct 2015] DLA-324-1 binutils - security update
-	{CVE-2012-3509}
+	{CVE-2012-3509 CVE-2014-9939}
 	[squeeze] - binutils 2.20.1-16+deb6u2
 [01 Oct 2015] DLA-323-1 fuseiso - security update
 	{CVE-2015-8836 CVE-2015-8837}

More information about the Secure-testing-commits mailing list