[Secure-testing-commits] r52002 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Sat May 27 22:10:57 UTC 2017
Author: jmm
Date: 2017-05-27 22:10:57 +0000 (Sat, 27 May 2017)
New Revision: 52002
Modified:
data/CVE/list
Log:
one coreutils no-dsa
remove bogus dc3dd issue, not worth tracking
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-27 22:04:53 UTC (rev 52001)
+++ data/CVE/list 2017-05-27 22:10:57 UTC (rev 52002)
@@ -47349,6 +47349,7 @@
NOTE: Upstream commit: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cac9b50b0d75a1d50d6c056ff65c005f3224c8e0 (v4.5-rc2)
CVE-2016-2781 (chroot in GNU coreutils, when used with --userspec, allows local users ...)
- coreutils <unfixed> (bug #816320)
+ [stretch] - coreutils <no-dsa> (Minor issue)
[jessie] - coreutils <no-dsa> (Minor issue)
[wheezy] - coreutils <no-dsa> (Minor issue)
NOTE: Restricting ioctl on the kernel side seems the better approach
@@ -58553,11 +58554,6 @@
NOTE: Workaround entry for DLA-333-1 and DLA-566-1 until/if CVE assigned
NOTE: http://seclists.org/fulldisclosure/2015/Oct/70
NOTE: https://github.com/cakephp/cakephp/releases/tag/2.6.6
-CVE-2015-XXXX [dc3dd: buffer overflow]
- - dc3dd <unfixed> (bug #801872)
- [jessie] - dc3dd <not-affected> (Harmless crash due to hardening)
- [wheezy] - dc3dd <no-dsa> (Minor issue)
- NOTE: http://seclists.org/bugtraq/2015/Oct/71
CVE-2015-7830 (The pcapng_read_if_descr_block function in wiretap/pcapng.c in the ...)
{DSA-3505-1}
- wireshark 1.12.8+g5b6e543-1
More information about the Secure-testing-commits
mailing list