Author: carnil Date: 2015-02-18 14:22:17 +0000 (Wed, 18 Feb 2015) New Revision: 32313
Modified: data/CVE/list Log: Update information for cabextract issue Modified: data/CVE/list =================================================================== --- data/CVE/list 2015-02-18 14:16:26 UTC (rev 32312) +++ data/CVE/list 2015-02-18 14:22:17 UTC (rev 32313) @@ -4,11 +4,9 @@ NOTE: http://hmarco.org/bugs/linux-ASLR-reducing-mmap-by-half.html TODO: check CVE-2015-XXXX [directory traversal; related to overlong utf-8 encoding for /] - - libmspack <unfixed> - - cabextract 1.4-5 - NOTE: Starting with 1.4-5 cabextract uses the mspack system library + - cabextract <unfixed> NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/18/3 - TODO: check, once http://sourceforge.net/p/libmspack/code/217/ reachable, currently sf in static offline mode + NOTE: Upstream commit: http://sourceforge.net/p/libmspack/code/217 CVE-2015-XXXX [Vulnerabilities in nanohttp] - libcsoap <unfixed> (bug #778599) NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/17/2 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits