Author: anarcat
Date: 2016-10-29 21:55:02 +0000 (Sat, 29 Oct 2016)
New Revision: 45758
Modified: data/CVE/list Log: Summary: link to my patch for tar Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-10-29 21:53:41 UTC (rev 45757) +++ data/CVE/list 2016-10-29 21:55:02 UTC (rev 45758) @@ -8219,7 +8219,7 @@ - tar <unfixed> (bug #842339) NOTE: https://sintonen.fi/advisories/tar-extract-pathname-bypass.txt NOTE: POC in https://sintonen.fi/advisories/tar-poc.tar (etc/shadow should not be extracted when asking for etc/motd) - NOTE: Proposed patch: https://sintonen.fi/advisories/tar-extract-pathname-bypass.patch + NOTE: Proposed patch: https://lists.debian.org/debian-lts/2016/10/msg00206.html CVE-2016-6320 (Cross-site scripting (XSS) vulnerability in ...) - foreman <itp> (bug #663101) CVE-2016-6319 (Cross-site scripting (XSS) vulnerability in app/helpers/form_helper.rb ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
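Review bot: The changed NOTE line in the tar entry (bug #842339) replaces the link to the advisory's proposed patch, https://sintonen.fi/advisories/tar-extract-pathname-bypass.patch, rather than adding to it, so the tracker entry no longer points at that patch at all. Consider keeping the original line and adding the debian-lts link as a second NOTE, worded so the two can be told apart, for example "NOTE: Proposed patch (debian-lts): https://lists.debian.org/debian-lts/2016/10/msg00206.html". The log message says "my patch", but the NOTE text itself gives a reader of data/CVE/list no indication of whose patch this is or how it relates to the one in the advisory.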