[Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2016-4804 will be fixed

Sat May 30 16:42:30 BST 2020


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a15884e6 by Thorsten Alteholz at 2020-05-30T17:41:25+02:00
CVE-2016-4804 will be fixed

- - - - -
9d006fd0 by Thorsten Alteholz at 2020-05-30T17:41:55+02:00
CVE-2015-8872 will be fixed

- - - - -
d1b7594c by Thorsten Alteholz at 2020-05-30T17:42:13+02:00
Reserve DLA-2224-1 for dosfstools

- - - - -


2 changed files:

- data/CVE/list
- data/DLA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -212961,7 +212961,6 @@ CVE-2016-4805 (Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in
 CVE-2016-4804 (The read_boot function in boot.c in dosfstools before 4.0 allows attac ...)
 	{DLA-474-1}
 	- dosfstools 4.0-1
-	[jessie] - dosfstools <no-dsa> (Minor issue)
 	NOTE: https://github.com/dosfstools/dosfstools/issues/25
 	NOTE: https://github.com/dosfstools/dosfstools/issues/26
 	NOTE: https://github.com/dosfstools/dosfstools/commit/e8eff147e9da1185f9afd5b25948153a3b97cf52
@@ -214051,7 +214050,6 @@ CVE-2016-4423 (The attemptAuthentication function in Component/Security/Http/Fir
 CVE-2015-8872 (The set_fat function in fat.c in dosfstools before 4.0 might allow att ...)
 	{DLA-474-1}
 	- dosfstools 4.0-1
-	[jessie] - dosfstools <no-dsa> (Minor issue)
 	NOTE: https://github.com/dosfstools/dosfstools/issues/12
 	NOTE: https://github.com/dosfstools/dosfstools/commit/07908124838afcc99c577d1d3e84cef2dbd39cb7
 CVE-2015-8870 (Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows re ...)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[30 May 2020] DLA-2224-1 dosfstools - security update
+	{CVE-2015-8872 CVE-2016-4804}
+	[jessie] - dosfstools 3.0.27-1+deb8u1
 [29 May 2020] DLA-2223-1 salt - security update
 	{CVE-2020-11651 CVE-2020-11652}
 	[jessie] - salt 2014.1.13+ds-3+deb8u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/56d0e7bf37330750798e6d4969bc9fbd7049dc5c...d1b7594c8248ec2d64e69c43a8e4da9b3ba1ecca

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/56d0e7bf37330750798e6d4969bc9fbd7049dc5c...d1b7594c8248ec2d64e69c43a8e4da9b3ba1ecca
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200530/4981ad46/attachment.html>
