[Secure-testing-commits] r44682 - data/CVE

Sat, 17 Sep 2016 07:33:06 -0700 

Author: carnil
Date: 2016-09-17 14:31:40 +0000 (Sat, 17 Sep 2016)
New Revision: 44682

Modified:
   data/CVE/list
Log:
More fixes from point release

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-09-17 14:24:45 UTC (rev 44681)
+++ data/CVE/list       2016-09-17 14:31:40 UTC (rev 44682)
@@ -5979,7 +5979,7 @@
        NOTE: Furthermore pidgin in Debian is not compiled to use GnuTLS 
(--enable-gnutls=no)
 CVE-2016-XXXX [insecure default PATH]
        - dietlibc 0.34~cvs20160606-2 (bug #832169)
-       [jessie] - dietlibc <no-dsa> (Can be scheduled through jessie point 
release)
+       [jessie] - dietlibc 0.33~cvs20120325-6+deb8u1
        [wheezy] - dietlibc 0.33~cvs20120325-4+deb7u1
        NOTE: Workaround entry for DLA-557-1 until CVE is assigned
        NOTE: Following reverse dependencies need to be recompiled: minit 
(wheezy, jessie),
@@ -10416,7 +10416,7 @@
 CVE-2016-5042
        RESERVED
        - dwarfutils 20160507-1
-       [jessie] - dwarfutils <no-dsa> (Minor issue)
+       [jessie] - dwarfutils 20120410-2+deb8u1
        [wheezy] - dwarfutils <no-dsa> (Minor issue)
        NOTE: 
https://sourceforge.net/p/libdwarf/code/ci/98a3da1e8237fe0d45b67ef77f3fa5ed9ff0215f/
 CVE-2016-5041
@@ -10434,13 +10434,13 @@
 CVE-2016-5039
        RESERVED
        - dwarfutils 20160507-1
-       [jessie] - dwarfutils <no-dsa> (Minor issue)
+       [jessie] - dwarfutils 20120410-2+deb8u1
        [wheezy] - dwarfutils <no-dsa> (Minor issue)
        NOTE: 
https://sourceforge.net/p/libdwarf/code/ci/eb1472afac95031d0c9dd8c11d527b865fe7deb8/
 CVE-2016-5038
        RESERVED
        - dwarfutils 20160507+git20160523.9086738-1
-       [jessie] - dwarfutils <no-dsa> (Minor issue)
+       [jessie] - dwarfutils 20120410-2+deb8u1
        [wheezy] - dwarfutils <no-dsa> (Minor issue)
        NOTE: 
https://sourceforge.net/p/libdwarf/code/ci/82d8e007851805af0dcaaff41f49a2d48473334b/
 CVE-2016-5037
@@ -10452,7 +10452,7 @@
 CVE-2016-5036
        RESERVED
        - dwarfutils 20160507+git20160523.9086738-1
-       [jessie] - dwarfutils <no-dsa> (Minor issue)
+       [jessie] - dwarfutils 20120410-2+deb8u1
        [wheezy] - dwarfutils <no-dsa> (Minor issue)
        NOTE: 
https://sourceforge.net/p/libdwarf/code/ci/82d8e007851805af0dcaaff41f49a2d48473334b/
 CVE-2016-5035
@@ -10464,7 +10464,7 @@
 CVE-2016-5034
        RESERVED
        - dwarfutils 20160507+git20160523.9086738-1
-       [jessie] - dwarfutils <no-dsa> (Minor issue)
+       [jessie] - dwarfutils 20120410-2+deb8u1
        [wheezy] - dwarfutils <no-dsa> (Minor issue)
        NOTE: 
https://sourceforge.net/p/libdwarf/code/ci/10ca310f64368dc083efacac87732c02ef560a92/
 CVE-2016-5033
@@ -19452,7 +19452,7 @@
        RESERVED
 CVE-2016-2091 (The dwarf_read_cie_fde_prefix function in dwarf_frame2.c in 
libdwarf ...)
        - dwarfutils 20160507-1 (bug #813148)
-       [jessie] - dwarfutils <no-dsa> (Minor issue)
+       [jessie] - dwarfutils 20120410-2+deb8u1
        [wheezy] - dwarfutils <no-dsa> (Minor issue)
        NOTE: http://www.openwall.com/lists/oss-security/2016/01/19/3
        NOTE: Fixed by 
http://sourceforge.net/p/libdwarf/code/ci/9565964f26966d8391fe2cfa8e6e8e59278c5f91
@@ -20211,6 +20211,7 @@
 CVE-2016-2050 [Out-of-bounds write in get_abbrev_array_info]
        RESERVED
        - dwarfutils 20160507+git20160523.9086738-1 (unimportant)
+       [jessie] - dwarfutils 20120410-2+deb8u1
        NOTE: http://www.openwall.com/lists/oss-security/2016/01/19/9
        NOTE: Fixed by 
http://sourceforge.net/p/libdwarf/code/ci/a05f5e2ae6a5f34daa566975894fc2803d6ec684
        NOTE: Reasoning for "unimportant" severity: The affected source code is 
present
@@ -22129,7 +22130,7 @@
        RESERVED
        {DLA-388-1}
        - dwarfutils 20160507-1 (bug #813182)
-       [jessie] - dwarfutils <no-dsa> (Minor issue)
+       [jessie] - dwarfutils 20120410-2+deb8u1
        [wheezy] - dwarfutils <no-dsa> (Minor issue)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1294264
        NOTE: 
https://github.com/tomhughes/libdwarf/commit/11750a2838e52953013e3114ef27b3c7b1780697
@@ -25859,7 +25860,7 @@
 CVE-2015-8538 [a out of bound read bug is found in libdwarf]
        RESERVED
        - dwarfutils 20160507-1 (bug #807817)
-       [jessie] - dwarfutils <no-dsa> (Minor issue)
+       [jessie] - dwarfutils 20120410-2+deb8u1
        [wheezy] - dwarfutils <no-dsa> (Minor issue)
        [squeeze] - dwarfutils <not-affected> (No segfault with provided test 
case)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1289385


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to