Author: fgeek-guest Date: 2015-03-24 18:21:49 +0000 (Tue, 24 Mar 2015) New Revision: 33120
Modified: data/CVE/list Log: CVE-2015-2688/tor Modified: data/CVE/list =================================================================== --- data/CVE/list 2015-03-24 18:20:07 UTC (rev 33119) +++ data/CVE/list 2015-03-24 18:21:49 UTC (rev 33120) @@ -1,10 +1,15 @@ -CVE-2015-2688 CVE-2015-2689 [Assertion failure in dns.c, possibly connected to UDP DoS attack] - tor 0.2.5.11-1 [wheezy] - tor 0.2.4.26-1 [squeeze] - tor 0.2.4.26-1~deb6u1 NOTE: added workaround, add to data/D[L|S]A/list NOTE: https://bugs.torproject.org/14129 +CVE-2015-2688 [relay could crash with an assertion] + - tor 0.2.5.11-1 + [wheezy] - tor 0.2.4.26-1 + [squeeze] - tor 0.2.4.26-1~deb6u1 + NOTE: added workaround, add to data/D[L|S]A/list + NOTE: https://trac.torproject.org/projects/tor/ticket/15083 CVE-2015-2687 [information leak when live-migration failed] - nova <unfixed> NOTE: https://bugs.launchpad.net/nova/+bug/1419577 @@ -667,13 +672,6 @@ - qemu-kvm <removed> NOTE: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=3251bdcf1c67427d964517053c3d185b46e618e8 (v2.2.0-rc2) NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/03/24/4 -CVE-2015-XXXX [relay could crash with an assertion] - - tor 0.2.5.11-1 - [wheezy] - tor 0.2.4.26-1 - [squeeze] - tor 0.2.4.26-1~deb6u1 - NOTE: added workaround, add to data/D[L|S]A/list - NOTE: https://trac.torproject.org/projects/tor/ticket/15083 - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/03/23/17 CVE-2015-2686 [sys_sendto/sys_recvfrom does not validate the user provided ubuf pointer] - linux <not-affected> (Introduced in 3.19, never uploaded to unstable) - linux-2.6 <not-affected> (Introduced in 3.19, never uploaded to unstable) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits