[Secure-testing-commits] r32313 - data/CVE

Salvatore Bonaccorso Wed, 18 Feb 2015 06:23:23 -0800

Author: carnil
Date: 2015-02-18 14:22:17 +0000 (Wed, 18 Feb 2015)
New Revision: 32313


Modified:
   data/CVE/list
Log:
Update information for cabextract issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2015-02-18 14:16:26 UTC (rev 32312)
+++ data/CVE/list       2015-02-18 14:22:17 UTC (rev 32313)
@@ -4,11 +4,9 @@
        NOTE: http://hmarco.org/bugs/linux-ASLR-reducing-mmap-by-half.html
        TODO: check
 CVE-2015-XXXX [directory traversal; related to overlong utf-8 encoding for /]
-       - libmspack <unfixed>
-       - cabextract  1.4-5
-       NOTE: Starting with 1.4-5 cabextract uses the mspack system library
+       - cabextract <unfixed>
        NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2015/02/18/3
-       TODO: check, once http://sourceforge.net/p/libmspack/code/217/ 
reachable, currently sf in static offline mode
+       NOTE: Upstream commit: http://sourceforge.net/p/libmspack/code/217
 CVE-2015-XXXX [Vulnerabilities in nanohttp]
        - libcsoap <unfixed> (bug #778599)
        NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2015/02/17/2


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r32313 - data/CVE

Reply via email to