Author: sectracker
Date: 2016-09-11 21:10:12 +0000 (Sun, 11 Sep 2016)
New Revision: 44512
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-11 20:53:14 UTC (rev 44511)
+++ data/CVE/list 2016-09-11 21:10:12 UTC (rev 44512)
@@ -166,6 +166,7 @@
NOTE: Fixed upstream in 1.1.1.
CVE-2016-7163
RESERVED
+ {DSA-3665-1}
- openjpeg2 <unfixed>
NOTE:
https://github.com/uclouvain/openjpeg/commit/c16bc057ba3f125051c9966cf1f5b68a05681de4
NOTE:
https://github.com/uclouvain/openjpeg/commit/ef01f18dfc6780b776d0674ed3e7415c6ef54d24
@@ -404,6 +405,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2016/08/31/1
CVE-2016-7116 [9p: directory traversal flaw in 9p virtio backend]
RESERVED
+ {DLA-619-1 DLA-618-1}
- qemu <unfixed> (bug #836502)
[jessie] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
@@ -17382,6 +17384,7 @@
- lha <removed> (unimportant)
NOTE: Non-free not supported
CVE-2016-1924 (The opj_tgt_reset function in OpenJpeg 2016.1.18 allows remote
...)
+ {DSA-3665-1}
- openjpeg2 2.1.1-1 (bug #818399)
NOTE:
https://github.com/uclouvain/openjpeg/commit/1a8318f6c24623189ecb65e049267c6f2e005c0e
CVE-2016-1923 (Heap-based buffer overflow in the opj_j2k_update_image_data
function ...)
@@ -28131,6 +28134,7 @@
TODO: check
CVE-2015-8871 [Use-after-free in opj_j2k_write_mco]
RESERVED
+ {DSA-3665-1}
- openjpeg2 2.1.1-1 (bug #800149)
- openjpeg <not-affected> (Vulnerable code not present;
opj_j2k_write_mco function)
NOTE:
https://github.com/uclouvain/openjpeg/commit/940100c28ae28931722290794889cf84a92c5f6f
@@ -29155,6 +29159,7 @@
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
CVE-2015-6581 (Double free vulnerability in the ...)
+ {DSA-3665-1}
- openjpeg <not-affected> (Vulnerable code not present, function
opj_j2k_copy_default_tcp_and_create_tcd)
- openjpeg2 2.1.1-1 (bug #800453)
NOTE: Openjpeg2 fix:
https://github.com/uclouvain/openjpeg/commit/0fa5a17c98c4b8f9ee2286f4f0a50cf52a5fccb0
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
