[Secure-testing-commits] r31917 - data/CVE

Salvatore Bonaccorso Mon, 02 Feb 2015 13:17:14 -0800

Author: carnil
Date: 2015-02-02 21:16:27 +0000 (Mon, 02 Feb 2015)
New Revision: 31917


Modified:
   data/CVE/list
Log:
Some security-sensitive bugs in libmspack fixed in unstable upload, #775687, 
#775498, #774665, #775499

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2015-02-02 21:10:18 UTC (rev 31916)
+++ data/CVE/list       2015-02-02 21:16:27 UTC (rev 31917)
@@ -696,8 +696,14 @@
        - php5 <undetermined>
        NOTE: 
https://github.com/MegaManSec/php-src/commit/a538d2f5605798422f2746636ecdc300f8ebcaa1
        TODO: check
+CVE-2015-XXXX [off-by-one buffer under-read in mspack/lzxd.c]
+       - libmspack 0.5-1 (bug #775499)
+CVE-2014-XXXX [null pointer dereference on a crafted CAB]
+       - libmspack 0.5-1 (bug #774665)
+CVE-2015-XXXX [off-by-one buffer over-read in mspack/mszipd.c]
+       - libmspack 0.5-1 (bug #775498)
 CVE-2015-XXXX [CHM decompression: another pointer arithmetic overflow]
-       - libmspack <unfixed> (bug #775687)
+       - libmspack 0.5-1 (bug #775687)
 CVE-2015-XXXX [multiple /tmp file vulnerabilities]
        - kamailio 4.2.0-2 (bug #775681)
        NOTE: https://github.com/kamailio/kamailio/issues/48


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r31917 - data/CVE

Reply via email to