Author: carnil Date: 2017-01-14 14:14:34 +0000 (Sat, 14 Jan 2017) New Revision: 48035
Modified: data/CVE/list Log: Record more fixes for jessie via 8.7 Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-01-14 14:14:07 UTC (rev 48034) +++ data/CVE/list 2017-01-14 14:14:34 UTC (rev 48035) @@ -459,7 +459,7 @@ CVE-2017-5195 [Out of bounds read in certain incomplete control codes] RESERVED - irssi 0.8.21-1 (bug #850403) - [jessie] - irssi <no-dsa> (Minor issue) + [jessie] - irssi 0.8.17-1+deb8u3 [wheezy] - irssi <no-dsa> (Minor issue) NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/2 NOTE: https://github.com/irssi/irssi/commit/6c6c42e3d1b49d90aacc0b67f8540471cae02a1d @@ -467,7 +467,7 @@ CVE-2017-5194 [Use after free when receiving invalid nick message] RESERVED - irssi 0.8.21-1 (bug #850403) - [jessie] - irssi <no-dsa> (Minor issue) + [jessie] - irssi 0.8.17-1+deb8u3 [wheezy] - irssi <no-dsa> (Minor issue) NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/2 NOTE: https://github.com/irssi/irssi/commit/6c6c42e3d1b49d90aacc0b67f8540471cae02a1d @@ -475,7 +475,7 @@ CVE-2017-5193 [NULL pointer dereference in the nickcmp function] RESERVED - irssi 0.8.21-1 (bug #850403) - [jessie] - irssi <no-dsa> (Minor issue) + [jessie] - irssi 0.8.17-1+deb8u3 [wheezy] - irssi <no-dsa> (Minor issue) NOTE: http://www.openwall.com/lists/oss-security/2017/01/05/2 NOTE: https://github.com/irssi/irssi/commit/6c6c42e3d1b49d90aacc0b67f8540471cae02a1d @@ -4049,7 +4049,7 @@ NOTE: Cf. https://bugs.debian.org/847666 CVE-2016-9938 (An issue was discovered in Asterisk Open Source 11.x before 11.25.1, ...) - asterisk 1:13.13.1~dfsg-1 (bug #847668) - [jessie] - asterisk <no-dsa> (Minor issue) + [jessie] - asterisk 1:11.13.1~dfsg-2+deb8u2 [wheezy] - asterisk <no-dsa> (Minor issue) NOTE: http://downloads.asterisk.org/pub/security/AST-2016-009.html NOTE: Only applicable if a proxy is in use. @@ -30641,7 +30641,7 @@ NOT-FOR-US: Foxit CVE-2016-4074 (The jv_dump_term function in jq 1.5 allows remote attackers to cause a ...) - jq 1.5+dfsg-1.1 (low; bug #822456) - [jessie] - jq <no-dsa> (Minor issue) + [jessie] - jq 1.4-2.1+deb8u1 NOTE: https://github.com/stedolan/jq/issues/1136 NOTE: http://www.openwall.com/lists/oss-security/2016/04/24/3 CVE-2016-4069 (Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail ...) @@ -30866,7 +30866,7 @@ NOTE: http://www.openwall.com/lists/oss-security/2016/04/20/5 CVE-2015-8863 (Off-by-one error in the tokenadd function in jv_parse.c in jq allows ...) - jq 1.5+dfsg-1.1 (low; bug #802231) - [jessie] - jq <no-dsa> (Minor issue) + [jessie] - jq 1.4-2.1+deb8u1 NOTE: https://github.com/stedolan/jq/issues/995 NOTE: https://github.com/stedolan/jq/commit/8eb1367ca44e772963e704a700ef72ae2e12babd NOTE: http://www.openwall.com/lists/oss-security/2016/04/23/1 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits