Author: joeyh
Date: 2014-11-07 21:14:27 +0000 (Fri, 07 Nov 2014)
New Revision: 29909
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-11-07 18:15:07 UTC (rev 29908)
+++ data/CVE/list 2014-11-07 21:14:27 UTC (rev 29909)
@@ -317,6 +317,7 @@
RESERVED
CVE-2014-8476 [getlogin kernel memory disclosure]
RESERVED
+ {DSA-3070-1}
- kfreebsd-10 <unfixed> (bug #768108)
- kfreebsd-9 <removed> (bug #768104)
- kfreebsd-8 <removed> (bug #768106)
@@ -351,7 +352,7 @@
RESERVED
CVE-2014-8483 [out-of-bounds read on a heap-allocated array]
RESERVED
- {DSA-3063-1}
+ {DSA-3068-1 DSA-3063-1}
- quassel <unfixed> (bug #766962)
NOTE:
https://github.com/quassel/quassel/commit/8b5ecd226f9208af3074b33d3b7cf5e14f55b138
NOTE: http://bugs.quassel-irc.org/issues/1314
@@ -8126,7 +8127,7 @@
- tor 0.2.4.23-1
[squeeze] - tor 0.2.4.23-1~deb6u1
CVE-2014-5116 (The cairo_image_surface_get_data function in Cairo 1.10.2, as
used in ...)
- NOTE: This is non-security bug in Wireshark, not in Cairo
+ NOTE: This is non-security bug in Wireshark, not in Cairo
CVE-2014-5077 (The sctp_assoc_update function in net/sctp/associola.c in the
Linux ...)
- linux 3.14.15-1
[wheezy] - linux 3.2.63-1
@@ -10753,12 +10754,14 @@
CVE-2014-3954 (Stack-based buffer overflow in rtsold in FreeBSD 9.1 through
10.1-RC2 ...)
NOT-FOR-US: FreeBSD rtsold
CVE-2014-3953 (FreeBSD 8.4 before p14, 9.1 before p17, 9.2 before p10, and
10.0 ...)
+ {DSA-3070-1}
- kfreebsd-8 <removed>
[wheezy] - kfreebsd-8 <no-dsa> (kfreebsd-8 only a test kernel, will be
fixed in a point update)
[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
- kfreebsd-9 <removed> (bug #754237)
- kfreebsd-10 10.1~svn272463-1
CVE-2014-3952 (FreeBSD 8.4 before p14, 9.1 before p17, 9.2 before p10, and
10.0 ...)
+ {DSA-3070-1}
- kfreebsd-8 <removed>
[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
[wheezy] - kfreebsd-8 <no-dsa> (kfreebsd-8 only a test kernel, will be
fixed in a point update)
@@ -11314,6 +11317,7 @@
CVE-2014-3712 (Katello allows remote attackers to cause a denial foser service
...)
NOT-FOR-US: Katello
CVE-2014-3711 (namei in FreeBSD 9.1 through 10.1-RC2 allows remote attackers
to cause ...)
+ {DSA-3070-1}
- kfreebsd-9 <removed> (bug #766275)
- kfreebsd-10 10.1~svn273874-1 (bug #766278)
CVE-2014-3710 [out-of-bounds read in elf note headers]
@@ -11332,6 +11336,7 @@
NOTE: affected versions up to 2014.1.3, and 2014.2
CVE-2014-3707 [duphandle read out of bounds]
RESERVED
+ {DSA-3069-1}
- curl 7.38.0-3
NOTE: http://curl.haxx.se/docs/adv_20141105.html
NOTE: Upstream commit:
https://github.com/bagder/curl/commit/b3875606925536f82fc61f3114ac42f29eaf6945
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
