[Secure-testing-commits] r48026 - data/CVE

Sat, 14 Jan 2017 05:08:42 -0800 

Author: carnil
Date: 2017-01-14 13:08:22 +0000 (Sat, 14 Jan 2017)
New Revision: 48026

Modified:
   data/CVE/list
Log:
Add some of the fixes included in 8.7

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-01-14 12:10:16 UTC (rev 48025)
+++ data/CVE/list       2017-01-14 13:08:22 UTC (rev 48026)
@@ -19883,7 +19883,7 @@
 CVE-2016-7405 (The qstr method in the PDO driver in the ADOdb Library for PHP 
before ...)
        {DLA-620-1}
        - libphp-adodb 5.20.6-1 (bug #837211)
-       [jessie] - libphp-adodb <no-dsa> (Minor issue, can be fixed via point 
release)
+       [jessie] - libphp-adodb 5.15-1+deb8u1
        NOTE: https://github.com/ADOdb/ADOdb/issues/226
        NOTE: https://github.com/ADOdb/ADOdb/commit/bd9eca9
        NOTE: Issue only with the PDO driver and only if queries built by 
inlining
@@ -20948,7 +20948,7 @@
        RESERVED
        {DLA-598-1}
        - suckless-tools 41-1
-       [jessie] - suckless-tools <no-dsa> (Minor issue)
+       [jessie] - suckless-tools 40-1+deb8u2
        NOTE: http://www.openwall.com/lists/oss-security/2016/08/18/22
        NOTE: http://s1m0n.dft-labs.eu/files/slock/
        NOTE: Starting with 41-1 slock.c got patched to use PAM, cf. #739629
@@ -22654,7 +22654,7 @@
 CVE-2016-6342 [posting entry as arbitrary username by improper authentication]
        RESERVED
        - elog 3.1.2-1-1 (bug #836505)
-       [jessie] - elog <no-dsa> (Minor issue, can be fixed via a point release)
+       [jessie] - elog 2.9.2+2014.05.11git44800a7-2+deb8u1
        NOTE: 
https://bitbucket.org/ritt/elog/commits/2f6a300572bd6048351af8c45394ae62230c83d9
        NOTE: 
https://bitbucket.org/ritt/elog/commits/9ca611aca2b1860efac15f806bf907cc2e6f870a/
 CVE-2016-6341
@@ -27857,7 +27857,7 @@
 CVE-2016-5017 (Buffer overflow in the C cli shell in Apache Zookeeper before 
3.4.9 ...)
        {DLA-630-1}
        - zookeeper 3.4.9-1
-       [jessie] - zookeeper <no-dsa> (Minor issue, can be fixed in point 
release)
+       [jessie] - zookeeper 3.4.5+dfsg-2+deb8u1
        NOTE: The C cli shell is intended as a sample/example of how to use the 
C
        NOTE: client interface, not as a production tool
        NOTE: https://zookeeper.apache.org/security.html#CVE-2016-5017
@@ -28558,6 +28558,7 @@
        RESERVED
        {DLA-620-1}
        - libphp-adodb 5.20.6-1 (unimportant; bug #837418)
+       [jessie] - libphp-adodb 5.15-1+deb8u1
        NOTE: https://github.com/ADOdb/ADOdb/issues/274
        NOTE: https://jvn.jp/en/jp/JVN48237713/
        NOTE: https://github.com/ADOdb/ADOdb/commit/ecb93d8c1
@@ -40328,7 +40329,7 @@
 CVE-2016-1239 [loads arbitrary code from the current untrusted directory]
        RESERVED
        - duck 0.10
-       [jessie] - duck <no-dsa> (Will be fixed via point release)
+       [jessie] - duck 0.7+deb8u1
        NOTE: 
https://anonscm.debian.org/cgit/collab-maint/duck.git/commit/?id=b43b5bbf07973c54b8f1c581a941f4facc97177a
 (0.10)
 CVE-2016-1238 ((1) cpan/Archive-Tar/bin/ptar, (2) 
cpan/Archive-Tar/bin/ptardiff, (3) ...)
        {DSA-3628-1 DLA-584-1 DLA-565-1}


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to