[Secure-testing-commits] r46517 - in data: . CVE

Thu, 24 Nov 2016 13:13:04 -0800 

Author: opal
Date: 2016-11-24 21:12:34 +0000 (Thu, 24 Nov 2016)
New Revision: 46517

Modified:
   data/CVE/list
   data/dla-needed.txt
Log:
Triaging.

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-11-24 21:10:11 UTC (rev 46516)
+++ data/CVE/list       2016-11-24 21:12:34 UTC (rev 46517)
@@ -31,6 +31,7 @@
 CVE-2016-9633
        - w3m 0.5.3-33
        [jessie] - w3m <no-dsa> (Minor issue)
+       [wheezy] - w3m <no-dsa> (Minor issue)
        NOTE: https://github.com/tats/w3m/issues/23
 CVE-2016-9632
        - w3m 0.5.3-33
@@ -68,14 +69,17 @@
 CVE-2016-9624
        - w3m 0.5.3-33
        [jessie] - w3m <no-dsa> (Minor issue)
+       [wheezy] - w3m <no-dsa> (Minor issue)
        NOTE: https://github.com/tats/w3m/issues/35
 CVE-2016-9623
        - w3m 0.5.3-33
        [jessie] - w3m <no-dsa> (Minor issue)
+       [wheezy] - w3m <no-dsa> (Minor issue)
        NOTE: https://github.com/tats/w3m/issues/33
 CVE-2016-9622
        - w3m 0.5.3-33
        [jessie] - w3m <no-dsa> (Minor issue)
+       [wheezy] - w3m <no-dsa> (Minor issue)
        NOTE: https://github.com/tats/w3m/issues/32
 CVE-2016-9621
        - w3m 0.5.3-33
@@ -889,9 +893,11 @@
        NOTE: 
https://github.com/vadz/libtiff/commit/5ad9d8016fbb60109302d558f7edb2cb2a3bb8e3
 CVE-2016-9539 [Out-of-bounds read in readContigTilesIntoBuffer()]
        - tiff 4.0.7-1
+       [wheezy] - tiff <no-dsa> (Minor issue)
        NOTE: 
https://github.com/vadz/libtiff/commit/ae9365db1b271b62b35ce018eac8799b1d5e8a53
 CVE-2016-9538 [Integer overflow leads to reading undefined buffer in 
readContigStripsIntoBuffer()]
        - tiff 4.0.7-1
+       [wheezy] - tiff <no-dsa> (Minor issue)
        NOTE: 
https://github.com/vadz/libtiff/commit/43c0b81a818640429317c80fea1e66771e85024b#diff-c8b4b355f9b5c06d585b23138e1c185f
 CVE-2016-9537 [Out-of-bounds write vulnerabilities in tools/tiffcrop.c]
        - tiff 4.0.7-1

Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2016-11-24 21:10:11 UTC (rev 46516)
+++ data/dla-needed.txt 2016-11-24 21:12:34 UTC (rev 46517)
@@ -110,3 +110,14 @@
   NOTE: 20161123: I'm currently working on three new CVEs which were disclosed 
yesterday.
 --
 hdf5
+--
+xen
+--
+lxc
+  NOTE: A privilege escalation of this should be seen as a problem.
+--
+w3m
+--
+tiff
+--
+libsoap-lite-perl


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to