[Secure-testing-commits] r45270 - data/CVE

Wed, 12 Oct 2016 14:10:43 -0700 

Author: sectracker
Date: 2016-10-12 21:10:13 +0000 (Wed, 12 Oct 2016)
New Revision: 45270

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-10-12 19:55:40 UTC (rev 45269)
+++ data/CVE/list       2016-10-12 21:10:13 UTC (rev 45270)
@@ -232,6 +232,7 @@
        - dwarfutils <unfixed>
        NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2016/10/08/13
 CVE-2016-8602 [type confusion]
+       {DSA-3691-1}
        - ghostscript <unfixed> (bug #840451)
        NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=697203
        NOTE: 
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=f5c7555c30393e64ec1f5ab0dfae5b55b3b3fc78
@@ -469,6 +470,7 @@
        RESERVED
 CVE-2016-7979 [type confusion in .initialize_dsc_parser allows remote code 
execution]
        RESERVED
+       {DSA-3691-1}
        - ghostscript <unfixed> (bug #839846)
        NOTE: Upstream bug: http://bugs.ghostscript.com/show_bug.cgi?id=697190
        NOTE: Reproducer: http://bugs.ghostscript.com/show_bug.cgi?id=697190#c0
@@ -477,6 +479,7 @@
        NOTE: http://www.openwall.com/lists/oss-security/2016/10/05/19
 CVE-2016-7978 [reference leak in .setdevice allows use-after-free and remote 
code execution]
        RESERVED
+       {DSA-3691-1}
        - ghostscript <unfixed> (bug #839845)
        NOTE: Upstream bug: http://bugs.ghostscript.com/show_bug.cgi?id=697179
        NOTE: Reproducer: http://bugs.ghostscript.com/show_bug.cgi?id=697179#c0
@@ -484,6 +487,7 @@
        NOTE: http://www.openwall.com/lists/oss-security/2016/10/05/7
 CVE-2016-7977 [.libfile doesn't check PermitFileReading array, allowing remote 
file disclosure]
        RESERVED
+       {DSA-3691-1}
        - ghostscript <unfixed> (high; bug #839841)
        NOTE: Upstream bug: http://bugs.ghostscript.com/show_bug.cgi?id=697169
        NOTE: Reproducer: 
http://www.openwall.com/lists/oss-security/2016/09/29/28
@@ -491,6 +495,7 @@
        NOTE: http://www.openwall.com/lists/oss-security/2016/10/05/7
 CVE-2016-7976 [various userparams allow %pipe% in paths, allowing remote shell 
command execution]
        RESERVED
+       {DSA-3691-1}
        - ghostscript <unfixed> (high; bug #839260)
        NOTE: Upstream bug: http://bugs.ghostscript.com/show_bug.cgi?id=697178
        NOTE: Reproducer: 
http://www.openwall.com/lists/oss-security/2016/09/30/8
@@ -82664,6 +82669,7 @@
        - serendipity <not-affected> (Spellcheck plugin not included in 1.5.x)
 CVE-2013-5653 [Ghostscript information disclosure through getenv, 
filenameforall]
        RESERVED
+       {DSA-3691-1}
        - ghostscript <unfixed> (low; bug #839118)
        NOTE: http://bugs.ghostscript.com/show_bug.cgi?id=694724
        NOTE: 
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=ab109aaeb3ddba59518b036fb288402a65cf7ce8


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to