[Secure-testing-commits] r41765 - data/CVE

Salvatore Bonaccorso Mon, 16 May 2016 03:03:54 -0700

Author: carnil
Date: 2016-05-16 10:03:00 +0000 (Mon, 16 May 2016)
New Revision: 41765


Modified:
   data/CVE/list
Log:
CVE-2016-1541/libarchive fixed in unstable, #823893

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-05-16 09:10:12 UTC (rev 41764)
+++ data/CVE/list       2016-05-16 10:03:00 UTC (rev 41765)
@@ -9759,8 +9759,9 @@
 CVE-2016-1541 (Heap-based buffer overflow in the zip_read_mac_metadata 
function in ...)
        {DSA-3574-1}
        [experimental] - libarchive 3.2.0-1
-       - libarchive <unfixed> (bug #823893)
+       - libarchive 3.1.2-11.1 (bug #823893)
        [wheezy] - libarchive <not-affected> (Vulnerable code not present)
+       NOTE: keeping the experimental tracking version as well since 
maintainer said not to merge NMU changelog
        NOTE: http://www.kb.cert.org/vuls/id/862384
        NOTE: http://www.talosintel.com/reports/TALOS-2016-0155/
        NOTE: 
https://github.com/libarchive/libarchive/commit/d0331e8e5b05b475f20b1f3101fe1ad772d7e7e7
 (v3.2.0)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r41765 - data/CVE

Reply via email to