[Secure-testing-commits] r51351 - data/CVE

Salvatore Bonaccorso Fri, 05 May 2017 02:12:07 -0700

Author: carnil
Date: 2017-05-05 09:11:41 +0000 (Fri, 05 May 2017)
New Revision: 51351


Modified:
   data/CVE/list
Log:
Add pcre2 issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-05-05 09:10:17 UTC (rev 51350)
+++ data/CVE/list       2017-05-05 09:11:41 UTC (rev 51351)
@@ -19,7 +19,10 @@
 CVE-2017-8787 (The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry 
function in ...)
        TODO: check
 CVE-2017-8786 (pcre2test.c in PCRE2 10.23 allows remote attackers to cause a 
denial of ...)
-       TODO: check
+       - pcre2 <unfixed> (unimportant)
+       NOTE: https://bugs.exim.org/show_bug.cgi?id=2079
+       NOTE: 
https://blogs.gentoo.org/ago/2017/04/29/libpcre-heap-based-buffer-overflow-write-in-pcre2test-c/
+       NOTE: 
https://vcs.pcre.org/pcre2/code/trunk/src/pcre2test.c?r1=692&r2=697
 CVE-2017-8785
        RESERVED
 CVE-2017-8784


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r51351 - data/CVE

Reply via email to