[Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2016-4804 will be fixed

Sat, 30 May 2020 08:42:57 -0700 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a15884e6 by Thorsten Alteholz at 2020-05-30T17:41:25+02:00
CVE-2016-4804 will be fixed

- - - - -
9d006fd0 by Thorsten Alteholz at 2020-05-30T17:41:55+02:00
CVE-2015-8872 will be fixed

- - - - -
d1b7594c by Thorsten Alteholz at 2020-05-30T17:42:13+02:00
Reserve DLA-2224-1 for dosfstools

- - - - -


2 changed files:

- data/CVE/list
- data/DLA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -212961,7 +212961,6 @@ CVE-2016-4805 (Use-after-free vulnerability in 
drivers/net/ppp/ppp_generic.c in
 CVE-2016-4804 (The read_boot function in boot.c in dosfstools before 4.0 
allows attac ...)
        {DLA-474-1}
        - dosfstools 4.0-1
-       [jessie] - dosfstools <no-dsa> (Minor issue)
        NOTE: https://github.com/dosfstools/dosfstools/issues/25
        NOTE: https://github.com/dosfstools/dosfstools/issues/26
        NOTE: 
https://github.com/dosfstools/dosfstools/commit/e8eff147e9da1185f9afd5b25948153a3b97cf52
@@ -214051,7 +214050,6 @@ CVE-2016-4423 (The attemptAuthentication function in 
Component/Security/Http/Fir
 CVE-2015-8872 (The set_fat function in fat.c in dosfstools before 4.0 might 
allow att ...)
        {DLA-474-1}
        - dosfstools 4.0-1
-       [jessie] - dosfstools <no-dsa> (Minor issue)
        NOTE: https://github.com/dosfstools/dosfstools/issues/12
        NOTE: 
https://github.com/dosfstools/dosfstools/commit/07908124838afcc99c577d1d3e84cef2dbd39cb7
 CVE-2015-8870 (Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 
allows re ...)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[30 May 2020] DLA-2224-1 dosfstools - security update
+       {CVE-2015-8872 CVE-2016-4804}
+       [jessie] - dosfstools 3.0.27-1+deb8u1
 [29 May 2020] DLA-2223-1 salt - security update
        {CVE-2020-11651 CVE-2020-11652}
        [jessie] - salt 2014.1.13+ds-3+deb8u1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/56d0e7bf37330750798e6d4969bc9fbd7049dc5c...d1b7594c8248ec2d64e69c43a8e4da9b3ba1ecca

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/56d0e7bf37330750798e6d4969bc9fbd7049dc5c...d1b7594c8248ec2d64e69c43a8e4da9b3ba1ecca
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to