Author: carnil Date: 2017-11-28 20:22:18 +0000 (Tue, 28 Nov 2017) New Revision: 58092
Modified: data/CVE/list Log: Several issues fixed for radare2 in unstable Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-11-28 20:20:46 UTC (rev 58091) +++ data/CVE/list 2017-11-28 20:22:18 UTC (rev 58092) @@ -2241,7 +2241,7 @@ CVE-2017-16806 (The Process function in RemoteTaskServer/WebServer/HttpServer.cs in ...) NOT-FOR-US: Ulterius CVE-2017-16805 (In radare2 2.0.1, libr/bin/dwarf.c allows remote attackers to cause a ...) - - radare2 <unfixed> (bug #882134) + - radare2 2.1.0+dfsg-1 (bug #882134) [stretch] - radare2 <no-dsa> (Minor issue) [jessie] - radare2 <no-dsa> (Minor issue) [wheezy] - radare2 <not-affected> (Vulnerable code does not exist; no dwarf support) @@ -3353,7 +3353,7 @@ CVE-2017-16360 RESERVED CVE-2017-16359 (In radare 2.0.1, a pointer wraparound vulnerability exists in ...) - - radare2 <unfixed> (bug #880616) + - radare2 2.1.0+dfsg-1 (bug #880616) [stretch] - radare2 <no-dsa> (Minor issue) [jessie] - radare2 <not-affected> (Vulnerable code introduced later) [wheezy] - radare2 <not-affected> (Vulnerable code introduced later) @@ -3362,14 +3362,14 @@ NOTE: https://github.com/radare/radare2/commit/fbaf24bce7ea4211e4608b3ab6c1b45702cb243d NOTE: https://github.com/radare/radare2/issues/8764 CVE-2017-16358 (In radare 2.0.1, an out-of-bounds read vulnerability exists in ...) - - radare2 <unfixed> (bug #880619) + - radare2 2.1.0+dfsg-1 (bug #880619) [stretch] - radare2 <not-affected> (Vulnerable code introduced later) [jessie] - radare2 <not-affected> (Vulnerable code introduced later) [wheezy] - radare2 <not-affected> (Vulnerable code introduced later) NOTE: https://github.com/radare/radare2/commit/d31c4d3cbdbe01ea3ded16a584de94149ecd31d9 NOTE: https://github.com/radare/radare2/issues/8748 CVE-2017-16357 (In radare 2.0.1, a memory corruption vulnerability exists in ...) - - radare2 <unfixed> (bug #880620) + - radare2 2.1.0+dfsg-1 (bug #880620) [stretch] - radare2 <no-dsa> (Minor issue) [jessie] - radare2 <not-affected> (Vulnerable code introduced later) [wheezy] - radare2 <not-affected> (Vulnerable code introduced later) @@ -4707,14 +4707,14 @@ CVE-2017-15933 (SQL injection vulnerability vulnerability in the EyesOfNetwork web ...) NOT-FOR-US: EyesOfNetwork (EON) CVE-2017-15932 (In radare2 2.0.1, an integer exception (negative number leading to an ...) - - radare2 <unfixed> (bug #880024) + - radare2 2.1.0+dfsg-1 (bug #880024) [stretch] - radare2 <no-dsa> (Minor issue) [jessie] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2) [wheezy] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2) NOTE: https://github.com/radare/radare2/commit/44ded3ff35b8264f54b5a900cab32ec489d9e5b9 NOTE: https://github.com/radare/radare2/issues/8743 CVE-2017-15931 (In radare2 2.0.1, an integer exception (negative number leading to an ...) - - radare2 <unfixed> (bug #880025) + - radare2 2.1.0+dfsg-1 (bug #880025) [stretch] - radare2 <no-dsa> (Minor issue) [jessie] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2) [wheezy] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2) @@ -6025,7 +6025,7 @@ [jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020) [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy) CVE-2017-15385 (The store_versioninfo_gnu_verdef function in libr/bin/format/elf/elf.c ...) - - radare2 <unfixed> (bug #879119) + - radare2 2.1.0+dfsg-1 (bug #879119) [stretch] - radare2 <no-dsa> (Minor issue) [jessie] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2) [wheezy] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2) @@ -6078,7 +6078,7 @@ NOTE: Introduced by: http://git.ghostscript.com/?p=mupdf.git;h=2707fa9e8e6d17d794330e719dec1b08161fb045 NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698592 CVE-2017-15368 (The wasm_dis function in libr/asm/arch/wasm/wasm.c in radare2 2.0.0 ...) - - radare2 <unfixed> (bug #878767) + - radare2 2.1.0+dfsg-1 (bug #878767) [stretch] - radare2 <not-affected> (Vulnerable code introduced in 2.0.0) [jessie] - radare2 <not-affected> (Vulnerable code introduced in 2.0.0) [wheezy] - radare2 <not-affected> (Vulnerable code introduced in 2.0.0) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits