diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2021-07-10 22:21:30 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-07-10 22:22:25 +0200 |
commit | 12003c3b7b5ad058707cdb77bc4169e9018fd678 (patch) | |
tree | 3ad0e8932f28d3d452fac4bbab33fd3018471c55 /data/CVE/2016.list | |
parent | 7b0536a0ae006f831e04bd84e2366ee6181e3f02 (diff) |
Update inormation on some older CVEs to make tracking a bit more consistent
Diffstat (limited to 'data/CVE/2016.list')
-rw-r--r-- | data/CVE/2016.list | 14 |
1 files changed, 6 insertions, 8 deletions
diff --git a/data/CVE/2016.list b/data/CVE/2016.list index 1fa7899c3c..97a86f81af 100644 --- a/data/CVE/2016.list +++ b/data/CVE/2016.list @@ -7164,8 +7164,7 @@ CVE-2016-8880 REJECTED CVE-2016-8866 (The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick ...) {DLA-756-1} - - imagemagick <not-affected> - NOTE: For incomplete fix of CVE-2016-8862 + - imagemagick <not-affected> (Incomplete fix for CVE-2016-8862 not applied) NOTE: https://blogs.gentoo.org/ago/2016/10/20/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862/ NOTE: This is not a real problem in imagemagick but caused by the "observer" (the address sanitizer), cf. NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30908#p140255 . @@ -11680,9 +11679,10 @@ CVE-2016-10053 (The WriteTIFFImage function in coders/tiff.c in ImageMagick befo NOTE: https://www.openwall.com/lists/oss-security/2016/12/20/3 CVE-2016-7118 (fs/fcntl.c in the "aufs 3.2.x+setfl-debian" patch in the linux-image p ...) {DLA-609-1} - - linux <not-affected> + - linux <not-affected> (Vulnerable code not present) NOTE: Bit of complicated tracking information. For jessie the affected version is not in any yet - NOTE: released version, thus should be n/a. wheezy OTOH, has already the issue in a released version. Issue then was fixed in 3.2.81-2 in DLA-609-1 + NOTE: released version, thus should be n/a. wheezy OTOH, has already the issue in a released version. + NOTE: Issue then was fixed in 3.2.81-2 in DLA-609-1 NOTE: https://www.openwall.com/lists/oss-security/2016/08/31/1 CVE-2016-7116 (Directory traversal vulnerability in hw/9pfs/9p.c in QEMU (aka Quick E ...) {DLA-1599-1 DLA-619-1 DLA-618-1} @@ -12201,8 +12201,7 @@ CVE-2016-6921 (Use-after-free vulnerability in Adobe Flash Player before 18.0.0. NOT-FOR-US: Adobe Flash Player CVE-2016-6920 (Heap-based buffer overflow in the decode_block function in libavcodec/ ...) - ffmpeg 7:3.1.3-1 - - libav <not-affected> - NOTE: Vulnerable code not present in any Libav version. + - libav <not-affected> (Vulnerable code not present in any Libav version) CVE-2016-6919 RESERVED CVE-2016-6918 (Lexmark Markvision Enterprise (MVE) before 2.4.1 allows remote attacke ...) @@ -12266,10 +12265,9 @@ CVE-2016-6889 RESERVED CVE-2016-6881 (The zlib_refill function in libavformat/swfdec.c in FFmpeg before 3.1. ...) - ffmpeg 7:3.1.3-1 (unimportant) - - libav <not-affected> + - libav <not-affected> (Vulnerable code not present in any Libav version) NOTE: https://www.openwall.com/lists/oss-security/2016/09/26/6 NOTE: https://github.com/FFmpeg/FFmpeg/commit/4770eac6 - NOTE: Vulnerable code not present in any Libav version. CVE-2016-6902 (lshell 0.9.16 allows remote authenticated users to break out of a limi ...) - lshell <removed> (bug #834949) [wheezy] - lshell <not-affected> (Vulnerable code not present) |