Author: anarcat Date: 2016-05-03 17:07:30 +0000 (Tue, 03 May 2016) New Revision: 41387
Modified: data/CVE/list Log: Summary: atheme fixes in sid Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-05-03 16:21:22 UTC (rev 41386) +++ data/CVE/list 2016-05-03 17:07:30 UTC (rev 41387) @@ -123,14 +123,14 @@ CVE-2016-4350 RESERVED CVE-2014-9773 [A remote attacker could change Atheme's behavior by registering/dropping certain accounts/nicks] - - atheme-services <unfixed> + - atheme-services 7.0.7-2 [jessie] - atheme-services <not-affected> (Vulnerable code introduced later) NOTE: https://github.com/atheme/atheme/issues/397 NOTE: Fixed by: https://github.com/atheme/atheme/commit/c597156adc60a45b5f827793cd420945f47bc03b NOTE: Introduced in: https://github.com/atheme/atheme/commit/5c734f28068cf47b9b450af4dcf37195734b15be NOTE: http://www.openwall.com/lists/oss-security/2016/05/02/2 CVE-2016-4478 [denial of service due to a buffer overflow in the XMLRPC response encoding code] - - atheme-services <unfixed> + - atheme-services 7.0.7-2 NOTE: https://github.com/atheme/atheme/commit/87580d767868360d2fed503980129504da84b63e NOTE: http://www.openwall.com/lists/oss-security/2016/05/02/2 CVE-2016-4425 [stack exhaustion parsing a JSON file] _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits