[Secure-testing-commits] r47433 - data/CVE

security tracker role Sun, 25 Dec 2016 13:11:19 -0800

Author: sectracker
Date: 2016-12-25 21:10:13 +0000 (Sun, 25 Dec 2016)
New Revision: 47433


Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-12-25 21:08:19 UTC (rev 47432)
+++ data/CVE/list       2016-12-25 21:10:13 UTC (rev 47433)
@@ -549,7 +549,7 @@
        NOTE: http://www.openwall.com/lists/oss-security/2016/12/17/1
 CVE-2016-10002 [Issue #1, cookie headers and other client-specific private 
infformation leak]
        RESERVED
-       {DSA-3745-1}
+       {DSA-3745-1 DLA-763-1}
        - squid3 3.5.23-1 (bug #848493)
        NOTE: http://www.squid-cache.org/Advisories/SQUID-2016_11.txt
        NOTE: http://bugs.squid-cache.org/show_bug.cgi?id=4169
@@ -573,6 +573,7 @@
        NOTE: Upstream patch: 
https://github.com/bottlepy/bottle/commit/6d7e13da0f998820800ecb3fe9ccee4189aefb54
 CVE-2016-9963 [disclosure of private information]
        RESERVED
+       {DSA-3747-1 DLA-762-1}
        - exim4 4.88~RC6-2
        NOTE: https://bugs.exim.org/show_bug.cgi?id=1996
        NOTE: http://www.openwall.com/lists/oss-security/2016/12/16/1
@@ -743,6 +744,7 @@
        NOTE: Fixed by: 
http://git.qemu.org/?p=qemu.git;a=commit;h=a4afa548fc6dd9842ed86639b4d37d4d1c4ad480
 (v2.8.0-rc0)
 CVE-2016-9922 [display: cirrus_vga: a divide by zero in cirrus_do_copy]
        RESERVED
+       {DLA-764-1}
        - qemu <unfixed> (bug #847960)
        [jessie] - qemu <no-dsa> (Minor issue)
        - qemu-kvm <removed>
@@ -752,6 +754,7 @@
        NOTE: CVE for the "blit pitch values" issue.
 CVE-2016-9921 [display: cirrus_vga: a divide by zero in cirrus_do_copy]
        RESERVED
+       {DLA-764-1}
        - qemu <unfixed> (bug #847960)
        [jessie] - qemu <no-dsa> (Minor issue)
        - qemu-kvm <removed>
@@ -1936,7 +1939,7 @@
        NOTE: Fixed by: 
http://git.qemu.org/?p=qemu.git;a=commit;h=898ae90a44551d25b8e956fd87372d303c82fe68
 (v2.8.0-rc2)
        NOTE: Proxy filesystem driver introduced in: 
http://git.qemu.org/?p=qemu.git;a=commit;h=4c793dda22213a7aba8e4d9a814e8f368a5f8bf7
 (v1.0-rc0)
        NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/11
-        NOTE: Minor issue, virtfs-proxy-helper not present in wheezy, see 
debian-lts ML: https://lists.debian.org/debian-lts/2016/12/msg00136.html
+       NOTE: Minor issue, virtfs-proxy-helper not present in wheezy, see 
debian-lts ML: https://lists.debian.org/debian-lts/2016/12/msg00136.html
 CVE-2016-9915 [9pfs: add cleanup operation for handle backend driver]
        RESERVED
        - qemu <unfixed> (bug #847496)
@@ -1950,7 +1953,7 @@
        NOTE: Fixed by: 
http://git.qemu.org/?p=qemu.git;a=commit;h=971f406b77a6eb84e0ad27dcc416b663765aee30
 (v2.8.0-rc2)
        NOTE: handle based fs driver introduced in: 
http://git.qemu.org/?p=qemu.git;a=commit;h=5f5422258e1f50f871bafcc5bfb2b498f414a310
 (v1.0-rc0)
        NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/11
-        NOTE: proxy driver not included during compilation in wheezy, see 
debian-lts ML: https://lists.debian.org/debian-lts/2016/12/msg00136.html
+       NOTE: proxy driver not included during compilation in wheezy, see 
debian-lts ML: https://lists.debian.org/debian-lts/2016/12/msg00136.html
 CVE-2016-9914 [9pfs: add cleanup operation in FileOperations]
        RESERVED
        - qemu <unfixed> (bug #847496)
@@ -1963,8 +1966,8 @@
        NOTE: 
https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg03278.html
        NOTE: Fixed by: 
http://git.qemu.org/?p=qemu.git;a=commit;h=702dbcc274e2ca43be20ba64c758c0ca57dab91d
 (v2.8.0-rc2)
        NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/11
-        NOTE: proxy and handle drivers not included during compilation in 
wheezy, so the cleanup function is never implemented:
-        NOTE: see debian-lts ML: 
https://lists.debian.org/debian-lts/2016/12/msg00136.html
+       NOTE: proxy and handle drivers not included during compilation in 
wheezy, so the cleanup function is never implemented:
+       NOTE: see debian-lts ML: 
https://lists.debian.org/debian-lts/2016/12/msg00136.html
 CVE-2016-9913 [9pfs: adjust the order of resource cleanup in device unrealize]
        RESERVED
        - qemu <unfixed> (bug #847496)
@@ -1979,6 +1982,7 @@
        NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/11
 CVE-2016-9911 [usb: ehci: memory leakage in ehci_init_transfer]
        RESERVED
+       {DLA-764-1}
        - qemu <unfixed> (bug #847951)
        [jessie] - qemu <no-dsa> (Minor issue)
        - qemu-kvm <removed>


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r47433 - data/CVE

Reply via email to