Author: carnil Date: 2016-10-28 05:13:26 +0000 (Fri, 28 Oct 2016) New Revision: 45685
Modified: data/CVE/list Log: Add CVE-2016-6321/tar Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-10-28 05:08:35 UTC (rev 45684) +++ data/CVE/list 2016-10-28 05:13:26 UTC (rev 45685) @@ -8141,8 +8141,11 @@ NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9e2ff6c9cc54c0b4402b8d49e4abe7000fde7617 CVE-2016-6322 (Red Hat QuickStart Cloud Installer (QCI) uses world-readable ...) NOT-FOR-US: ovirt-engine -CVE-2016-6321 +CVE-2016-6321 [Bypassing the extract path name] RESERVED + - tar <unfixed> + NOTE: http://seclists.org/fulldisclosure/2016/Oct/96 + TODO: check CVE-2016-6320 (Cross-site scripting (XSS) vulnerability in ...) - foreman <itp> (bug #663101) CVE-2016-6319 (Cross-site scripting (XSS) vulnerability in app/helpers/form_helper.rb ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits