Author: carnil
Date: 2016-10-28 05:13:26 +0000 (Fri, 28 Oct 2016)
New Revision: 45685
Modified:
data/CVE/list
Log:
Add CVE-2016-6321/tar
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-10-28 05:08:35 UTC (rev 45684)
+++ data/CVE/list 2016-10-28 05:13:26 UTC (rev 45685)
@@ -8141,8 +8141,11 @@
NOTE:
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9e2ff6c9cc54c0b4402b8d49e4abe7000fde7617
CVE-2016-6322 (Red Hat QuickStart Cloud Installer (QCI) uses world-readable
...)
NOT-FOR-US: ovirt-engine
-CVE-2016-6321
+CVE-2016-6321 [Bypassing the extract path name]
RESERVED
+ - tar <unfixed>
+ NOTE: http://seclists.org/fulldisclosure/2016/Oct/96
+ TODO: check
CVE-2016-6320 (Cross-site scripting (XSS) vulnerability in ...)
- foreman <itp> (bug #663101)
CVE-2016-6319 (Cross-site scripting (XSS) vulnerability in
app/helpers/form_helper.rb ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
