[Secure-testing-commits] r42377 - in data: . CVE

Salvatore Bonaccorso Tue, 07 Jun 2016 04:48:19 -0700

Author: carnil
Date: 2016-06-07 11:47:22 +0000 (Tue, 07 Jun 2016)
New Revision: 42377


Modified:
   data/CVE/list
   data/next-point-update.txt
Log:
Fix policykit-1 entries, were not included in jessie point release

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-06-07 11:43:45 UTC (rev 42376)
+++ data/CVE/list       2016-06-07 11:47:22 UTC (rev 42377)
@@ -28684,7 +28684,7 @@
 CVE-2015-4625 (Integer overflow in the authentication_agent_new_cookie 
function in ...)
        [experimental] - policykit-1 0.113-1
        - policykit-1 0.105-12 (low; bug #796134)
-       [jessie] - policykit-1 0.105-15~deb8u1
+       [jessie] - policykit-1 <no-dsa> (Minor issue)
        [wheezy] - policykit-1 <no-dsa> (Minor issue)
        [squeeze] - policykit-1 <no-dsa> (Minor issue)
        NOTE: 
http://lists.freedesktop.org/archives/polkit-devel/2015-May/000419.html
@@ -31441,7 +31441,7 @@
 CVE-2015-3255 (The polkit_backend_action_pool_init function in ...)
        [experimental] - policykit-1 0.113-1
        - policykit-1 0.105-12 (bug #796134)
-       [jessie] - policykit-1 0.105-15~deb8u1
+       [jessie] - policykit-1 <no-dsa> (Minor issue)
        [wheezy] - policykit-1 <no-dsa> (Minor issue)
        [squeeze] - policykit-1 <no-dsa> (Minor issue)
        NOTE: 
http://cgit.freedesktop.org/polkit/commit/?id=9f5e0c731784003bd4d6fc75ab739ff8b2ea269f
@@ -31628,7 +31628,7 @@
 CVE-2015-3218 (The authentication_agent_new function in ...)
        [experimental] - policykit-1 0.113-1
        - policykit-1 0.105-11 (bug #787932)
-       [jessie] - policykit-1 0.105-15~deb8u1
+       [jessie] - policykit-1 <no-dsa> (Minor issue)
        [wheezy] - policykit-1 <no-dsa> (Minor issue)
        [squeeze] - policykit-1 <not-affected> (Vulnerable code introduced 
later)
        NOTE: 
http://lists.freedesktop.org/archives/polkit-devel/2015-May/000420.html

Modified: data/next-point-update.txt
===================================================================
--- data/next-point-update.txt  2016-06-07 11:43:45 UTC (rev 42376)
+++ data/next-point-update.txt  2016-06-07 11:47:22 UTC (rev 42377)
@@ -10,3 +10,9 @@
        [jessie] - ruby2.1 2.1.5-2+deb8u3
 CVE-2015-7551
        [jessie] - ruby2.1 2.1.5-2+deb8u3
+CVE-2015-3255
+       [jessie] - policykit-1 0.105-15~deb8u1
+CVE-2015-4625
+       [jessie] - policykit-1 0.105-15~deb8u1
+CVE-2015-3218
+       [jessie] - policykit-1 0.105-15~deb8u1


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r42377 - in data: . CVE

Reply via email to