[Secure-testing-commits] r58092 - data/CVE

Salvatore Bonaccorso Tue, 28 Nov 2017 12:22:38 -0800

Author: carnil
Date: 2017-11-28 20:22:18 +0000 (Tue, 28 Nov 2017)
New Revision: 58092


Modified:
   data/CVE/list
Log:
Several issues fixed for radare2 in unstable

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-11-28 20:20:46 UTC (rev 58091)
+++ data/CVE/list       2017-11-28 20:22:18 UTC (rev 58092)
@@ -2241,7 +2241,7 @@
 CVE-2017-16806 (The Process function in 
RemoteTaskServer/WebServer/HttpServer.cs in ...)
        NOT-FOR-US: Ulterius
 CVE-2017-16805 (In radare2 2.0.1, libr/bin/dwarf.c allows remote attackers to 
cause a ...)
-       - radare2 <unfixed> (bug #882134)
+       - radare2 2.1.0+dfsg-1 (bug #882134)
        [stretch] - radare2 <no-dsa> (Minor issue)
        [jessie] - radare2 <no-dsa> (Minor issue)
        [wheezy] - radare2 <not-affected> (Vulnerable code does not exist; no 
dwarf support)
@@ -3353,7 +3353,7 @@
 CVE-2017-16360
        RESERVED
 CVE-2017-16359 (In radare 2.0.1, a pointer wraparound vulnerability exists in 
...)
-       - radare2 <unfixed> (bug #880616)
+       - radare2 2.1.0+dfsg-1 (bug #880616)
        [stretch] - radare2 <no-dsa> (Minor issue)
        [jessie] - radare2 <not-affected> (Vulnerable code introduced later)
        [wheezy] - radare2 <not-affected> (Vulnerable code introduced later)
@@ -3362,14 +3362,14 @@
        NOTE: 
https://github.com/radare/radare2/commit/fbaf24bce7ea4211e4608b3ab6c1b45702cb243d
        NOTE: https://github.com/radare/radare2/issues/8764
 CVE-2017-16358 (In radare 2.0.1, an out-of-bounds read vulnerability exists in 
...)
-       - radare2 <unfixed> (bug #880619)
+       - radare2 2.1.0+dfsg-1 (bug #880619)
        [stretch] - radare2 <not-affected> (Vulnerable code introduced later)
        [jessie] - radare2 <not-affected> (Vulnerable code introduced later)
        [wheezy] - radare2 <not-affected> (Vulnerable code introduced later)
        NOTE: 
https://github.com/radare/radare2/commit/d31c4d3cbdbe01ea3ded16a584de94149ecd31d9
        NOTE: https://github.com/radare/radare2/issues/8748
 CVE-2017-16357 (In radare 2.0.1, a memory corruption vulnerability exists in 
...)
-       - radare2 <unfixed> (bug #880620)
+       - radare2 2.1.0+dfsg-1 (bug #880620)
        [stretch] - radare2 <no-dsa> (Minor issue)
        [jessie] - radare2 <not-affected> (Vulnerable code introduced later)
        [wheezy] - radare2 <not-affected> (Vulnerable code introduced later)
@@ -4707,14 +4707,14 @@
 CVE-2017-15933 (SQL injection vulnerability vulnerability in the EyesOfNetwork 
web ...)
        NOT-FOR-US: EyesOfNetwork (EON)
 CVE-2017-15932 (In radare2 2.0.1, an integer exception (negative number 
leading to an ...)
-       - radare2 <unfixed> (bug #880024)
+       - radare2 2.1.0+dfsg-1 (bug #880024)
        [stretch] - radare2 <no-dsa> (Minor issue)
        [jessie] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2)
        [wheezy] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2)
        NOTE: 
https://github.com/radare/radare2/commit/44ded3ff35b8264f54b5a900cab32ec489d9e5b9
        NOTE: https://github.com/radare/radare2/issues/8743
 CVE-2017-15931 (In radare2 2.0.1, an integer exception (negative number 
leading to an ...)
-       - radare2 <unfixed> (bug #880025)
+       - radare2 2.1.0+dfsg-1 (bug #880025)
        [stretch] - radare2 <no-dsa> (Minor issue)
        [jessie] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2)
        [wheezy] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2)
@@ -6025,7 +6025,7 @@
        [jessie] - chromium-browser <end-of-life> (End of life, see DSA 4020)
        [wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
 CVE-2017-15385 (The store_versioninfo_gnu_verdef function in 
libr/bin/format/elf/elf.c ...)
-       - radare2 <unfixed> (bug #879119)
+       - radare2 2.1.0+dfsg-1 (bug #879119)
        [stretch] - radare2 <no-dsa> (Minor issue)
        [jessie] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2)
        [wheezy] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2)
@@ -6078,7 +6078,7 @@
        NOTE: Introduced by: 
http://git.ghostscript.com/?p=mupdf.git;h=2707fa9e8e6d17d794330e719dec1b08161fb045
        NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698592
 CVE-2017-15368 (The wasm_dis function in libr/asm/arch/wasm/wasm.c in radare2 
2.0.0 ...)
-       - radare2 <unfixed> (bug #878767)
+       - radare2 2.1.0+dfsg-1 (bug #878767)
        [stretch] - radare2 <not-affected> (Vulnerable code introduced in 2.0.0)
        [jessie] - radare2 <not-affected> (Vulnerable code introduced in 2.0.0)
        [wheezy] - radare2 <not-affected> (Vulnerable code introduced in 2.0.0)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r58092 - data/CVE

Reply via email to