[Secure-testing-commits] r46983 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-12-12 08:23:02 +0000 (Mon, 12 Dec 2016)
New Revision: 46983

Modified:
   data/CVE/list
Log:
Mark bluez as no-dsa, need to fill bugreport

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-12-12 06:34:56 UTC (rev 46982)
+++ data/CVE/list       2016-12-12 08:23:02 UTC (rev 46983)
@@ -32,9 +32,11 @@
        NOTE: CVE for the "'cirrus_get_bpp' returns zero(0), which could lead 
to a divide by zero" issue.
 CVE-2016-9918 (In BlueZ 5.42, an out-of-bounds read was identified in 
"packet_hexdump" ...)
        - bluez <unfixed>
+       [jessie] - bluez <no-dsa> (Minor issue)
        NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68898.html
 CVE-2016-9917 (In BlueZ 5.42, a buffer overflow was observed in 
&quot;read_n&quot; function in ...)
        - bluez <unfixed>
+       [jessie] - bluez <no-dsa> (Minor issue)
        NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
 CVE-2016-9906
        RESERVED
@@ -7296,27 +7298,35 @@
        RESERVED
 CVE-2016-9804 (In BlueZ 5.42, a buffer overflow was observed in 
&quot;commands_dump&quot; ...)
        - bluez <unfixed>
+       [jessie] - bluez <no-dsa> (Minor issue)
        NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
 CVE-2016-9803 (In BlueZ 5.42, an out-of-bounds read was observed in 
&quot;le_meta_ev_dump&quot; ...)
        - bluez <unfixed>
+       [jessie] - bluez <no-dsa> (Minor issue)
        NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
 CVE-2016-9802 (In BlueZ 5.42, a buffer over-read was identified in 
&quot;l2cap_packet&quot; ...)
        - bluez <unfixed>
+       [jessie] - bluez <no-dsa> (Minor issue)
        NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68898.html
 CVE-2016-9801 (In BlueZ 5.42, a buffer overflow was observed in 
&quot;set_ext_ctrl&quot; ...)
        - bluez <unfixed>
+       [jessie] - bluez <no-dsa> (Minor issue)
        NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
 CVE-2016-9800 (In BlueZ 5.42, a buffer overflow was observed in 
&quot;pin_code_reply_dump&quot; ...)
        - bluez <unfixed>
+       [jessie] - bluez <no-dsa> (Minor issue)
        NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
 CVE-2016-9799 (In BlueZ 5.42, a buffer overflow was observed in 
&quot;pklg_read_hci&quot; ...)
        - bluez <unfixed>
+       [jessie] - bluez <no-dsa> (Minor issue)
        NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68898.html
 CVE-2016-9798 (In BlueZ 5.42, a use-after-free was identified in 
&quot;conf_opt&quot; function ...)
        - bluez <unfixed>
+       [jessie] - bluez <no-dsa> (Minor issue)
        NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
 CVE-2016-9797 (In BlueZ 5.42, a buffer over-read was observed in 
&quot;l2cap_dump&quot; function ...)
        - bluez <unfixed>
+       [jessie] - bluez <no-dsa> (Minor issue)
        NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
 CVE-2016-9794 [Linux kernel: ALSA: use-after-free in,kill_fasync]
        RESERVED


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits