Author: jmm Date: 2016-12-26 18:11:27 +0000 (Mon, 26 Dec 2016) New Revision: 47447
Modified: data/CVE/list Log: drop older gvfs issue which never got a a CVE ID this is a plain bug, a malicious WebDAV could do more worse to the client Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-12-26 16:15:57 UTC (rev 47446) +++ data/CVE/list 2016-12-26 18:11:27 UTC (rev 47447) @@ -43352,12 +43352,6 @@ [wheezy] - audiofile <no-dsa> (Minor issue) [squeeze] - audiofile <not-affected> (Vulnerable code introduced later) NOTE: http://www.openwall.com/lists/oss-security/2015/10/06/2 -CVE-2015-XXXX [gvfsd-dav: null pointer dereference if server response is not escaped] - - gvfs 1.23.90-1 - [jessie] - gvfs <no-dsa> (Minor issue) - [wheezy] - gvfs <no-dsa> (Minor issue) - [squeeze] - gvfs <no-dsa> (Minor issue) - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/10/06/3 CVE-2015-7705 [An attacker can forge packets that claim to be from the target and send them to servers often enough that a server that implements KoD rate limiting will send the target machine a KoD response to attempt to reduce the rate of incoming packets] RESERVED - ntp 1:4.2.8p4+dfsg-3 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits