[Git][security-tracker-team/security-tracker][master] CVE-2015-9261/busybox assigned

Thu Jul 26 20:05:36 BST 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
31432f2a by Salvatore Bonaccorso at 2018-07-26T21:04:36+02:00
CVE-2015-9261/busybox assigned

Remove the ELTS specific entry which now can be moved to the appropriate
list in the ELTS tracker.
Rationale: The respective wheezy version was never in either
security.d.o or ftp-master.

- - - - -


2 changed files:

- data/CVE/list
- data/DLA/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -123864,13 +123864,10 @@ CVE-2015-7944 (The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti
 	[squeeze] - ganeti <end-of-life> (Depends on KVM/Xen, unsupported in Squeeze LTS)
 	NOTE: http://www.ocert.org/advisories/ocert-2015-012.html
 	NOTE: http://git.ganeti.org/?p=ganeti.git;a=commit;h=201fcb916b8164c78f4ed8e0c9cfc0227a78684c
-CVE-2015-XXXX [busybox: pointer misuse unziping files]
+CVE-2015-9261 [busybox: pointer misuse unziping files]
 	- busybox 1:1.27.2-1 (bug #803097)
 	[stretch] - busybox <no-dsa> (Minor issue)
-	[wheezy] - busybox 1:1.20.0-7+deb7u1
-	[squeeze] - busybox 1:1.17.1-8+deb6u11
-	NOTE: workaround entry for DLA-337-1 until/if CVE assigned
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/10/25/3
+	NOTE: http://www.openwall.com/lists/oss-security/2015/10/25/3
 	NOTE: http://git.busybox.net/busybox/commit/?id=1de25a6e87e0e627aa34298105a3d17c60a1f44e
 CVE-2015-7995 (The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does ...)
 	{DSA-3605-1 DLA-514-1}


=====================================
data/DLA/list
=====================================
--- a/data/DLA/list
+++ b/data/DLA/list
@@ -3346,6 +3346,7 @@
 	{CVE-2015-8025}
 	[squeeze] - xscreensaver 5.11-1+deb6u11
 [31 Oct 2015] DLA-337-1 busybox - security update
+	{CVE-2015-9261}
 	[squeeze] - busybox 1:1.17.1-8+deb6u11
 [28 Oct 2015] DLA-336-1 phpmyadmin - security update
 	{CVE-2014-8958 CVE-2014-9218 CVE-2015-2206 CVE-2015-3902}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/31432f2addcb2d8000340d5906ed4038daccc8f1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/31432f2addcb2d8000340d5906ed4038daccc8f1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180726/5a493a85/attachment-0001.html>
