[Secure-testing-commits] r46370 - data/CVE

Sun, 20 Nov 2016 13:10:33 -0800 

Author: sectracker
Date: 2016-11-20 21:10:12 +0000 (Sun, 20 Nov 2016)
New Revision: 46370

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-11-20 21:08:45 UTC (rev 46369)
+++ data/CVE/list       2016-11-20 21:10:12 UTC (rev 46370)
@@ -159,12 +159,14 @@
        NOTE: For unstable this fix was included in the fix for TALOS-CAN-0187 
/ CVE-2016-5652
        NOTE: and included in patches/09-CVE-2016-5652.patch
 CVE-2016-9446 [gstreamer 0.10 VMNC code execution #2]
+       {DSA-3717-1 DLA-712-1}
        - gst-plugins-bad0.10 <removed>
        - gst-plugins-bad1.0 1.10.1-1
        NOTE: 
http://scarybeastsecurity.blogspot.de/2016/11/0day-poc-risky-design-decisions-in.html
        NOTE: Upstream Bug: https://bugzilla.gnome.org/show_bug.cgi?id=774533
        NOTE: Fixed by: 
https://cgit.freedesktop.org/gstreamer/gst-plugins-bad/commit/?id=4cb1bcf1422bbcd79c0f683edb7ee85e3f7a31fe
 CVE-2016-9445 [gstreamer 0.10 VMNC code execution]
+       {DSA-3717-1 DLA-712-1}
        - gst-plugins-bad0.10 <removed>
        - gst-plugins-bad1.0 1.10.1-1
        NOTE: 
http://scarybeastsecurity.blogspot.de/2016/11/0day-poc-risky-design-decisions-in.html
@@ -176,6 +178,7 @@
        NOTE: https://www.drupal.org/SA-CORE-2016-005
        NOTE: http://www.openwall.com/lists/oss-security/2016/11/18/8
 CVE-2016-9451 [Confirmation forms allow external URLs to be injected]
+       {DSA-3718-1}
        - drupal7 7.52-1
        NOTE: https://www.drupal.org/SA-CORE-2016-005
        NOTE: http://www.openwall.com/lists/oss-security/2016/11/18/8
@@ -185,6 +188,7 @@
        NOTE: https://www.drupal.org/SA-CORE-2016-005
        NOTE: http://www.openwall.com/lists/oss-security/2016/11/18/8
 CVE-2016-9449 [Inconsistent name for term access query]
+       {DSA-3718-1}
        - drupal8 <itp> (bug #756305)
        - drupal7 7.52-1
        NOTE: https://www.drupal.org/SA-CORE-2016-005
@@ -547,6 +551,7 @@
 CVE-2016-9263
        RESERVED
 CVE-2016-9447 [gstreamer 0.10 NSF code execution]
+       {DSA-3713-1 DLA-712-1}
        - gst-plugins-bad0.10 <removed>
        NOTE: 
http://scarybeastsecurity.blogspot.de/2016/11/0day-exploit-compromising-linux-desktop.html
 CVE-2016-9299 [jenkins: unauthenticated remote code execution]


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to