Author: carnil Date: 2016-04-28 20:24:26 +0000 (Thu, 28 Apr 2016) New Revision: 41265
Modified: data/CVE/list Log: Update status for tardiff, CVE-2015-0857 fixed for 0.1-5 Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-04-28 20:19:20 UTC (rev 41264) +++ data/CVE/list 2016-04-28 20:24:26 UTC (rev 41265) @@ -35880,12 +35880,15 @@ CVE-2015-0858 [/tmp race condition in handling temporary directory] RESERVED - tardiff 0.1-3 + NOTE: https://anonscm.debian.org/cgit/collab-maint/tardiff.git/commit/?id=9bd6a07bc204472ac27242cea16f89943b43003a CVE-2015-0857 [shell command injection through file names and tar file name itself] RESERVED - - tardiff <unfixed> + - tardiff 0.1-5 + NOTE: https://anonscm.debian.org/cgit/collab-maint/tardiff.git/commit/?id=9bd6a07bc204472ac27242cea16f89943b43003a NOTE: Assignment is done for injection through file names and tar file name itself NOTE: First part was addressed in 0.1-3 but does not contain the fix for the tar NOTE: file name itself. + NOTE: https://anonscm.debian.org/cgit/collab-maint/tardiff.git/commit/?id=a18e8df51511df276e61dbccdbe1714fc53af965 CVE-2015-0856 (daemon/Greeter.cpp in sddm before 0.13.0 does not properly disable the ...) - sddm 0.12.0-5 (bug #803336; low) NOTE: https://github.com/sddm/sddm/commit/4cfed6b0a625593 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits