Author: carnil Date: 2016-09-17 14:19:25 +0000 (Sat, 17 Sep 2016) New Revision: 44680
Modified: data/CVE/list data/next-point-update.txt Log: Start reviewing 8.6 changelog and merge entries Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-09-17 14:19:03 UTC (rev 44679) +++ data/CVE/list 2016-09-17 14:19:25 UTC (rev 44680) @@ -28847,7 +28847,7 @@ CVE-2015-7747 [When changing both sample format and number of channels, data gets corrupted; if new sample format smaller than old, possible buffer overflow] RESERVED - audiofile 0.3.6-3 (bug #801102) - [jessie] - audiofile <no-dsa> (Minor issue) + [jessie] - audiofile 0.3.6-2+deb8u1 [wheezy] - audiofile <no-dsa> (Minor issue) [squeeze] - audiofile <not-affected> (Vulnerable code introduced later) NOTE: http://www.openwall.com/lists/oss-security/2015/10/06/2 @@ -60632,6 +60632,7 @@ CVE-2014-XXXX [install-sh: insecure use of /tmp] - automake1.11 <unfixed> (unimportant; bug #827346) - automake-1.14 <removed> (unimportant; bug #827347) + [jessie] - automake-1.14 1:1.14.1-4+deb8u1 - automake-1.15 1:1.15-3 (unimportant; bug #760455) NOTE: http://seclists.org/oss-sec/2014/q3/588 NOTE: Neutralised by kernel hardening Modified: data/next-point-update.txt =================================================================== --- data/next-point-update.txt 2016-09-17 14:19:03 UTC (rev 44679) +++ data/next-point-update.txt 2016-09-17 14:19:25 UTC (rev 44680) @@ -32,11 +32,6 @@ [jessie] - dosfstools 3.0.27-1+deb8u1 CVE-2016-4804 [jessie] - dosfstools 3.0.27-1+deb8u1 -CVE-2015-7747 - [jessie] - audiofile 0.3.6-2+deb8u1 -CVE-2014-XXXX - [jessie] - automake-1.14 1:1.14.1-4+deb8u1 - NOTE: for #827347 CVE-2016-4971 [jessie] - wget 1.16-1+deb8u1 CVE-2016-0772 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits