[Secure-testing-commits] r58092 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Nov 28 20:22:18 UTC 2017 

Author: carnil
Date: 2017-11-28 20:22:18 +0000 (Tue, 28 Nov 2017)
New Revision: 58092

Modified:
   data/CVE/list
Log:
Several issues fixed for radare2 in unstable

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-28 20:20:46 UTC (rev 58091)
+++ data/CVE/list	2017-11-28 20:22:18 UTC (rev 58092)
@@ -2241,7 +2241,7 @@
 CVE-2017-16806 (The Process function in RemoteTaskServer/WebServer/HttpServer.cs in ...)
 	NOT-FOR-US: Ulterius
 CVE-2017-16805 (In radare2 2.0.1, libr/bin/dwarf.c allows remote attackers to cause a ...)
-	- radare2 <unfixed> (bug #882134)
+	- radare2 2.1.0+dfsg-1 (bug #882134)
 	[stretch] - radare2 <no-dsa> (Minor issue)
 	[jessie] - radare2 <no-dsa> (Minor issue)
 	[wheezy] - radare2 <not-affected> (Vulnerable code does not exist; no dwarf support)
@@ -3353,7 +3353,7 @@
 CVE-2017-16360
 	RESERVED
 CVE-2017-16359 (In radare 2.0.1, a pointer wraparound vulnerability exists in ...)
-	- radare2 <unfixed> (bug #880616)
+	- radare2 2.1.0+dfsg-1 (bug #880616)
 	[stretch] - radare2 <no-dsa> (Minor issue)
 	[jessie] - radare2 <not-affected> (Vulnerable code introduced later)
 	[wheezy] - radare2 <not-affected> (Vulnerable code introduced later)
@@ -3362,14 +3362,14 @@
 	NOTE: https://github.com/radare/radare2/commit/fbaf24bce7ea4211e4608b3ab6c1b45702cb243d
 	NOTE: https://github.com/radare/radare2/issues/8764
 CVE-2017-16358 (In radare 2.0.1, an out-of-bounds read vulnerability exists in ...)
-	- radare2 <unfixed> (bug #880619)
+	- radare2 2.1.0+dfsg-1 (bug #880619)
 	[stretch] - radare2 <not-affected> (Vulnerable code introduced later)
 	[jessie] - radare2 <not-affected> (Vulnerable code introduced later)
 	[wheezy] - radare2 <not-affected> (Vulnerable code introduced later)
 	NOTE: https://github.com/radare/radare2/commit/d31c4d3cbdbe01ea3ded16a584de94149ecd31d9
 	NOTE: https://github.com/radare/radare2/issues/8748
 CVE-2017-16357 (In radare 2.0.1, a memory corruption vulnerability exists in ...)
-	- radare2 <unfixed> (bug #880620)
+	- radare2 2.1.0+dfsg-1 (bug #880620)
 	[stretch] - radare2 <no-dsa> (Minor issue)
 	[jessie] - radare2 <not-affected> (Vulnerable code introduced later)
 	[wheezy] - radare2 <not-affected> (Vulnerable code introduced later)
@@ -4707,14 +4707,14 @@
 CVE-2017-15933 (SQL injection vulnerability vulnerability in the EyesOfNetwork web ...)
 	NOT-FOR-US: EyesOfNetwork (EON)
 CVE-2017-15932 (In radare2 2.0.1, an integer exception (negative number leading to an ...)
-	- radare2 <unfixed> (bug #880024)
+	- radare2 2.1.0+dfsg-1 (bug #880024)
 	[stretch] - radare2 <no-dsa> (Minor issue)
 	[jessie] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2)
 	[wheezy] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2)
 	NOTE: https://github.com/radare/radare2/commit/44ded3ff35b8264f54b5a900cab32ec489d9e5b9
 	NOTE: https://github.com/radare/radare2/issues/8743
 CVE-2017-15931 (In radare2 2.0.1, an integer exception (negative number leading to an ...)
-	- radare2 <unfixed> (bug #880025)
+	- radare2 2.1.0+dfsg-1 (bug #880025)
 	[stretch] - radare2 <no-dsa> (Minor issue)
 	[jessie] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2)
 	[wheezy] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2)
@@ -6025,7 +6025,7 @@
 	[jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
 	[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
 CVE-2017-15385 (The store_versioninfo_gnu_verdef function in libr/bin/format/elf/elf.c ...)
-	- radare2 <unfixed> (bug #879119)
+	- radare2 2.1.0+dfsg-1 (bug #879119)
 	[stretch] - radare2 <no-dsa> (Minor issue)
 	[jessie] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2)
 	[wheezy] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2)
@@ -6078,7 +6078,7 @@
 	NOTE: Introduced by: http://git.ghostscript.com/?p=mupdf.git;h=2707fa9e8e6d17d794330e719dec1b08161fb045
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698592
 CVE-2017-15368 (The wasm_dis function in libr/asm/arch/wasm/wasm.c in radare2 2.0.0 ...)
-	- radare2 <unfixed> (bug #878767)
+	- radare2 2.1.0+dfsg-1 (bug #878767)
 	[stretch] - radare2 <not-affected> (Vulnerable code introduced in 2.0.0)
 	[jessie] - radare2 <not-affected> (Vulnerable code introduced in 2.0.0)
 	[wheezy] - radare2 <not-affected> (Vulnerable code introduced in 2.0.0)

More information about the Secure-testing-commits mailing list