Author: carnil Date: 2015-02-02 21:16:27 +0000 (Mon, 02 Feb 2015) New Revision: 31917
Modified: data/CVE/list Log: Some security-sensitive bugs in libmspack fixed in unstable upload, #775687, #775498, #774665, #775499 Modified: data/CVE/list =================================================================== --- data/CVE/list 2015-02-02 21:10:18 UTC (rev 31916) +++ data/CVE/list 2015-02-02 21:16:27 UTC (rev 31917) @@ -696,8 +696,14 @@ - php5 <undetermined> NOTE: https://github.com/MegaManSec/php-src/commit/a538d2f5605798422f2746636ecdc300f8ebcaa1 TODO: check +CVE-2015-XXXX [off-by-one buffer under-read in mspack/lzxd.c] + - libmspack 0.5-1 (bug #775499) +CVE-2014-XXXX [null pointer dereference on a crafted CAB] + - libmspack 0.5-1 (bug #774665) +CVE-2015-XXXX [off-by-one buffer over-read in mspack/mszipd.c] + - libmspack 0.5-1 (bug #775498) CVE-2015-XXXX [CHM decompression: another pointer arithmetic overflow] - - libmspack <unfixed> (bug #775687) + - libmspack 0.5-1 (bug #775687) CVE-2015-XXXX [multiple /tmp file vulnerabilities] - kamailio 4.2.0-2 (bug #775681) NOTE: https://github.com/kamailio/kamailio/issues/48 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits