[Secure-testing-commits] r56624 - data/CVE

Salvatore Bonaccorso Wed, 11 Oct 2017 14:17:02 -0700

Author: carnil
Date: 2017-10-11 21:16:38 +0000 (Wed, 11 Oct 2017)
New Revision: 56624


Modified:
   data/CVE/list
Log:
Add two new libextractor CVEs

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-10-11 21:11:48 UTC (rev 56623)
+++ data/CVE/list       2017-10-11 21:16:38 UTC (rev 56624)
@@ -1,9 +1,15 @@
 CVE-2017-15268
        RESERVED
 CVE-2017-15267 (In GNU Libextractor 1.4, there is a NULL Pointer Dereference 
in ...)
-       TODO: check
+       - libextractor <unfixed>
+       NOTE: 
http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00003.html
+       NOTE: http://openwall.com/lists/oss-security/2017/10/11/1
+       NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1499600
 CVE-2017-15266 (In GNU Libextractor 1.4, there is a Divide-By-Zero in ...)
-       TODO: check
+       - libextractor <unfixed>
+       NOTE: 
http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00002.html
+       NOTE: http://openwall.com/lists/oss-security/2017/10/11/1
+       NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1499599
 CVE-2017-15265 [use-after-free in /dev/snd/seq]
        RESERVED
        - linux <unfixed>


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r56624 - data/CVE

Reply via email to