Author: sectracker
Date: 2015-04-26 09:10:17 +0000 (Sun, 26 Apr 2015)
New Revision: 33854
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-04-26 08:55:38 UTC (rev 33853)
+++ data/CVE/list 2015-04-26 09:10:17 UTC (rev 33854)
@@ -171,6 +171,7 @@
NOTE: https://bugs.php.net/bug.php?id=68819
CVE-2015-3339 [chown() was racy relative to execve()]
RESERVED
+ {DSA-3237-1}
- linux 3.16.7-ckt9-3
- linux-2.6 <removed>
NOTE: Fixed by:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8b01fc86b9f425899f8a3a8fc1c47d73c2c20543
@@ -881,6 +882,7 @@
NOTE: https://cxsecurity.com/issue/WLB-2015040075
CVE-2015-3331 [Buffer overruns in Linux kernel RFC4106 implementation using
AESNI]
RESERVED
+ {DSA-3237-1}
- linux 3.16.7-ckt9-3 (bug #782561)
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Vulnerable code introduced in
v2.6.38-rc1)
@@ -1081,6 +1083,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2015/04/08/8
CVE-2014-9715 [DoS -- OOPS NULL pointer dereference in nf_nat_setup_info+0x471]
RESERVED
+ {DSA-3237-1}
- linux 3.14.5-1 (bug #741667)
- linux-2.6 <not-affected> (Introduced in 3.6)
NOTE: http://marc.info/?l=netfilter-devel&m=140112364215200&w=2
@@ -1395,6 +1398,7 @@
NOTE:
https://lists.freebsd.org/pipermail/freebsd-net/2015-April/041934.html
CVE-2015-2922 [IPv6 Hop limit lowering via RA messages]
RESERVED
+ {DSA-3237-1}
- linux 3.16.7-ckt9-1
- linux-2.6 <removed>
NOTE: Upstream commit:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6fd99094de2b83d1d4c8457f2c83483b2828e75a
@@ -1439,6 +1443,7 @@
NOT-FOR-US: SAP NetWeaver Portal
CVE-2015-2830 [Linux mishandles int80 fork from 64-bit tasks]
RESERVED
+ {DSA-3237-1}
- linux 3.16.7-ckt9-1
- linux-2.6 <removed>
NOTE: Upstream commit:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=956421fbb74c3a6261903f3836c0740187cf038b
(v4.0-rc3)
@@ -3305,6 +3310,7 @@
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-123.html
CVE-2015-2150 (Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do
not ...)
+ {DSA-3237-1}
- linux 3.16.7-ckt9-1
- linux-2.6 <not-affected> (xen-pciback introduced in 3.1)
NOTE: http://xenbits.xen.org/xsa/advisory-120.html
@@ -3952,12 +3958,14 @@
CVE-2015-1879 (Cross-site scripting (XSS) vulnerability in the Google Doc
Embedder ...)
NOT-FOR-US: Google Doc Embedder plugin for WordPress
CVE-2015-2042 (net/rds/sysctl.c in the Linux kernel before 3.19 uses an
incorrect ...)
+ {DSA-3237-1}
- linux 3.16.7-ckt9-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Minor issue)
NOTE: Upstream commit:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=db27ebb111e9f69efece08e4cb6a34ff980f8896
(v3.19)
NOTE: (earliest) introduced in
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3e5048495c8569bfdd552750e0315973c61e7c93
(v2.6.30-rc1)
CVE-2015-2041 (net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses
an ...)
+ {DSA-3237-1}
- linux 3.16.7-ckt9-1
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Minor issue)
@@ -13715,6 +13723,7 @@
NOTE: Upstream commit:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=db29a9508a9246e77087c5531e45b2c88ec6988b
(v3.18-rc1)
NOTE: http://www.spinics.net/lists/netfilter-devel/msg33430.html
CVE-2014-8159 (The InfiniBand (IB) implementation in the Linux kernel package
before ...)
+ {DSA-3237-1}
- linux 3.16.7-ckt9-1
- linux-2.6 <removed>
CVE-2014-8158 (Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer
1.900.1 ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
