Author: carnil
Date: 2017-05-01 13:24:11 +0000 (Mon, 01 May 2017)
New Revision: 51240
Modified:
data/CVE/list
Log:
Add bug reference for libarchive issues, #861609
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-01 13:08:14 UTC (rev 51239)
+++ data/CVE/list 2017-05-01 13:24:11 UTC (rev 51240)
@@ -148,11 +148,11 @@
CVE-2016-10351 (Telegram Desktop 0.10.19 uses 0755 permissions for ...)
TODO: check
CVE-2016-10350 (The archive_read_format_cab_read_header function in ...)
- - libarchive <unfixed>
+ - libarchive <unfixed> (bug #861609)
NOTE: https://github.com/libarchive/libarchive/issues/835
NOTE: Fixed by:
https://github.com/libarchive/libarchive/commit/88eb9e1d73fef46f04677c25b1697b8e25777ed3
CVE-2016-10349 (The archive_le32dec function in archive_endian.h in libarchive
3.2.2 ...)
- - libarchive <unfixed>
+ - libarchive <unfixed> (bug #861609)
NOTE: https://github.com/libarchive/libarchive/issues/834
NOTE: Fixed by:
https://github.com/libarchive/libarchive/commit/88eb9e1d73fef46f04677c25b1697b8e25777ed3
CVE-2017-8342 (Radicale before 1.1.2 and 2.x before 2.0.0rc2 is prone to
timing ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
