[Secure-testing-commits] r41265 - data/CVE

Salvatore Bonaccorso Thu, 28 Apr 2016 13:24:45 -0700

Author: carnil
Date: 2016-04-28 20:24:26 +0000 (Thu, 28 Apr 2016)
New Revision: 41265


Modified:
   data/CVE/list
Log:
Update status for tardiff, CVE-2015-0857 fixed for 0.1-5

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-04-28 20:19:20 UTC (rev 41264)
+++ data/CVE/list       2016-04-28 20:24:26 UTC (rev 41265)
@@ -35880,12 +35880,15 @@
 CVE-2015-0858 [/tmp race condition in handling temporary directory]
        RESERVED
        - tardiff 0.1-3
+       NOTE: 
https://anonscm.debian.org/cgit/collab-maint/tardiff.git/commit/?id=9bd6a07bc204472ac27242cea16f89943b43003a
 CVE-2015-0857 [shell command injection through file names and tar file name 
itself]
        RESERVED
-       - tardiff <unfixed>
+       - tardiff 0.1-5
+       NOTE: 
https://anonscm.debian.org/cgit/collab-maint/tardiff.git/commit/?id=9bd6a07bc204472ac27242cea16f89943b43003a
        NOTE: Assignment is done for injection through file names and tar file 
name itself
        NOTE: First part was addressed in 0.1-3 but does not contain the fix 
for the tar
        NOTE: file name itself.
+       NOTE: 
https://anonscm.debian.org/cgit/collab-maint/tardiff.git/commit/?id=a18e8df51511df276e61dbccdbe1714fc53af965
 CVE-2015-0856 (daemon/Greeter.cpp in sddm before 0.13.0 does not properly 
disable the ...)
        - sddm 0.12.0-5 (bug #803336; low)
        NOTE: https://github.com/sddm/sddm/commit/4cfed6b0a625593


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r41265 - data/CVE

Reply via email to