diff options
author | Emilio Pozuelo Monfort <pochu@debian.org> | 2020-11-05 13:38:43 +0100 |
---|---|---|
committer | Emilio Pozuelo Monfort <pochu@debian.org> | 2020-11-05 13:52:05 +0100 |
commit | b3cecbb890c4c60320ed32b0ac60786d4929effb (patch) | |
tree | 20d7cb3cd9b8767650155b5e41835f4608b5877c /data/CVE/2015.list | |
parent | 6675dba6daedb3768f5e7a6c3d8574e7372c900a (diff) |
CVE/list: sort release entries after their package entry
Diffstat (limited to 'data/CVE/2015.list')
-rw-r--r-- | data/CVE/2015.list | 23 |
1 files changed, 12 insertions, 11 deletions
diff --git a/data/CVE/2015.list b/data/CVE/2015.list index 0e26a1a376..ca66e0b313 100644 --- a/data/CVE/2015.list +++ b/data/CVE/2015.list @@ -4556,8 +4556,8 @@ CVE-2015-8104 (The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3. {DSA-3454-1 DSA-3426-1 DSA-3414-1 DLA-479-1} - linux 4.2.6-2 - linux-2.6 <removed> - - xen 4.8.0~rc3-1 (bug #823620) [squeeze] - linux-2.6 <no-dsa> (KVM not supported in Squeeze LTS) + - xen 4.8.0~rc3-1 (bug #823620) [squeeze] - xen <end-of-life> (Not supported in Squeeze LTS) NOTE: http://xenbits.xen.org/xsa/advisory-156.html NOTE: Upstream patch: https://lkml.org/lkml/2015/11/10/218 @@ -5017,8 +5017,8 @@ CVE-2015-7995 (The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 d CVE-2015-8982 (Integer overflow in the strxfrm function in the GNU C Library (aka gli ...) - glibc 2.21-1 (bug #803927) [jessie] - glibc 2.19-18+deb8u2 - [wheezy] - eglibc 2.13-38+deb7u9 - eglibc <removed> + [wheezy] - eglibc 2.13-38+deb7u9 [squeeze] - eglibc 2.11.3-4+deb6u8 NOTE: workaround entry for DLA-350-1 until/if CVE assigned NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=16009 @@ -8020,8 +8020,8 @@ CVE-2015-7312 (Multiple race conditions in the Advanced Union Filesystem (aufs) CVE-2015-6855 (hw/ide/core.c in QEMU does not properly restrict the commands accepted ...) {DSA-3362-1 DSA-3361-1} - qemu 1:2.4+dfsg-2 - - qemu-kvm <removed> [squeeze] - qemu <end-of-life> (Not supported in Squeeze LTS) + - qemu-kvm <removed> [squeeze] - qemu-kvm <end-of-life> (Not supported in Squeeze LTS) NOTE: https://www.openwall.com/lists/oss-security/2015/09/10/1 NOTE: Fix commit: http://git.qemu.org/?p=qemu.git;a=commit;h=d9033e1d3aa666c5071580617a57bd853c5d794a @@ -12129,8 +12129,8 @@ CVE-2015-5307 (The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3. {DSA-3454-1 DSA-3414-1 DSA-3396-1 DLA-479-1} - linux 4.2.6-1 - linux-2.6 <removed> - - xen 4.8.0~rc3-1 (bug #823620) [squeeze] - linux-2.6 <no-dsa> (KVM not supported in Squeeze LTS) + - xen 4.8.0~rc3-1 (bug #823620) [squeeze] - xen <end-of-life> (Not supported in Squeeze LTS) NOTE: http://xenbits.xen.org/xsa/advisory-156.html - virtualbox 5.0.10-dfsg-1 @@ -14509,23 +14509,23 @@ CVE-2015-4490 (The nsCSPHostSrc::permits function in dom/security/nsCSPUtils.cpp CVE-2015-4489 (The nsTArray_Impl class in Mozilla Firefox before 40.0, Firefox ESR 38 ...) {DSA-3410-1 DSA-3333-1} - iceweasel 38.2.0esr-1 + [squeeze] - iceweasel <end-of-life> - icedove 38.3.0-1 [squeeze] - icedove <end-of-life> - [squeeze] - iceweasel <end-of-life> NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-90/ CVE-2015-4488 (Use-after-free vulnerability in the StyleAnimationValue class in Mozil ...) {DSA-3410-1 DSA-3333-1} - iceweasel 38.2.0esr-1 + [squeeze] - iceweasel <end-of-life> - icedove 38.3.0-1 [squeeze] - icedove <end-of-life> - [squeeze] - iceweasel <end-of-life> NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-90/ CVE-2015-4487 (The nsTSubstring::ReplacePrep function in Mozilla Firefox before 40.0, ...) {DSA-3410-1 DSA-3333-1} - iceweasel 38.2.0esr-1 + [squeeze] - iceweasel <end-of-life> - icedove 38.3.0-1 [squeeze] - icedove <end-of-life> - [squeeze] - iceweasel <end-of-life> NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-90/ CVE-2015-4486 (The decrease_ref_count function in libvpx in Mozilla Firefox before 40 ...) - libvpx 1.4.0-1 @@ -14588,9 +14588,9 @@ CVE-2015-4474 (Multiple unspecified vulnerabilities in the browser engine in Moz CVE-2015-4473 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...) {DSA-3410-1 DSA-3333-1} - iceweasel 38.2.0esr-1 + [squeeze] - iceweasel <end-of-life> - icedove 38.3.0-1 [squeeze] - icedove <end-of-life> - [squeeze] - iceweasel <end-of-life> NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-79/ CVE-2015-4466 RESERVED @@ -18110,12 +18110,13 @@ CVE-2015-3209 (Heap-based buffer overflow in the PCNET controller in QEMU allows {DSA-3286-1 DSA-3285-1 DSA-3284-1} - qemu 1:2.3+dfsg-6 (bug #788460) [wheezy] - qemu 1.1.2+dfsg-6a+deb7u8 + [squeeze] - qemu <end-of-life> (Not supported in Squeeze LTS) - qemu-kvm <removed> + [squeeze] - qemu-kvm <end-of-life> (Not supported in Squeeze LTS) - xen 4.4.0-1 [squeeze] - xen <end-of-life> (Not supported in Squeeze LTS) + - xen-qemu-dm-4.0 <removed> [squeeze] - xen-qemu-dm-4.0 <end-of-life> (Not supported in Squeeze LTS) - [squeeze] - qemu <end-of-life> (Not supported in Squeeze LTS) - [squeeze] - qemu-kvm <end-of-life> (Not supported in Squeeze LTS) NOTE: Xen switched to qemu-system in 4.4.0-1 NOTE: http://xenbits.xen.org/xsa/advisory-135.html CVE-2015-3208 (XML external entity (XXE) vulnerability in the XPath selector componen ...) @@ -21201,10 +21202,10 @@ CVE-2015-2156 (Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x befor - netty 1:4.0.31-1 (bug #796114) [jessie] - netty <ignored> (Minor issue, invasive patch) [wheezy] - netty <no-dsa> (Minor issue) + [squeeze] - netty <no-dsa> (Minor issue) - netty-3.9 3.9.9.Final-1 (bug #793770) [jessie] - netty-3.9 <ignored> (Minor issue, invasive patch) - playframework <itp> (bug #646523) - [squeeze] - netty <no-dsa> (Minor issue) NOTE: http://netty.io/news/2015/05/08/3-9-8-Final-and-3.html NOTE: https://www.playframework.com/security/vulnerability/CVE-2015-2156-HttpOnlyBypass NOTE: http://web.archive.org/web/20150925094949/http://engineering.linkedin.com/security/look-netty%E2%80%99s-recent-security-update-cve%C2%AD-2015%C2%AD-2156 |