Author: jmm
Date: 2015-09-24 19:40:08 +0000 (Thu, 24 Sep 2015)
New Revision: 36821
Modified:
data/CVE/list
Log:
wget, glibc, dolibarr no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-09-24 18:27:20 UTC (rev 36820)
+++ data/CVE/list 2015-09-24 19:40:08 UTC (rev 36821)
@@ -1160,7 +1160,9 @@
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2015/09/08/5
NOTE: Thread on oss-security to clarify if this should be CVE-2015-5738
or a new CVE
CVE-2015-XXXX [IP address exposure in FTP code]
- - wget <unfixed>
+ - wget <unfixed> (bug #799964)
+ [wheezy] - wget <no-dsa> (Minor issue)
+ [jessie] - wget <no-dsa> (Minor issue)
NOTE:
http://git.savannah.gnu.org/cgit/wget.git/commit/?id=075d7556964f5a871a73c22ac4b69f5361295099
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2015/09/07/8
CVE-2015-6838 [NULL pointer dereference]
@@ -4965,9 +4967,10 @@
NOTE: Possibly introduced around
http://git.qemu.org/?p=qemu.git;a=commitdiff;h=0ae045ae439ad83692ad039a554f7d62acf9de5c
(v0.9.1)
CVE-2015-5277 [data corruption while reading the NSS files database]
RESERVED
- - glibc <unfixed>
+ - glibc <unfixed> (bug #799966)
+ [jessie] - glibc <no-dsa> (Minor issue)
- eglibc <removed>
- TODO: check
+ [wheezy] - glibc <no-dsa> (Minor issue)
CVE-2015-5276 [gcc: Predictable randomness from std::random_device]
RESERVED
- gcc-5 <unfixed>
@@ -8637,6 +8640,7 @@
RESERVED
CVE-2015-3935 (Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr
...)
- dolibarr <unfixed> (bug #787762)
+ [jessie] - dolibarr <no-dsa> (Minor issue)
NOTE: https://github.com/Dolibarr/dolibarr/issues/2857
NOTE:
https://github.com/GPCsolutions/dolibarr/commit/a7f6bbd316e9b96216e9b2c7a065c9251c9a8907
CVE-2015-3934
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
