[Secure-testing-commits] r52272 - data/CVE

Sun, 04 Jun 2017 03:06:22 -0700 

Author: jmm
Date: 2017-06-04 10:05:54 +0000 (Sun, 04 Jun 2017)
New Revision: 52272

Modified:
   data/CVE/list
Log:
zziplib fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-06-04 10:04:29 UTC (rev 52271)
+++ data/CVE/list       2017-06-04 10:05:54 UTC (rev 52272)
@@ -9874,28 +9874,29 @@
        NOTE: Since 7.0.72-3, src:tomcat7 only builds the Servlet API
        NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=57544
 CVE-2017-5981 (seeko.c in zziplib 0.13.62 allows remote attackers to cause a 
denial ...)
-       - zziplib <unfixed> (bug #854727)
+       - zziplib 0.13.62-3.1 (bug #854727)
        NOTE: 
http://blogs.gentoo.org/ago/2017/02/09/zziplib-assertion-failure-in-seeko-c/
 CVE-2017-5980 (The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 
allows ...)
-       - zziplib <unfixed> (bug #854727)
+       - zziplib 0.13.62-3.1 (bug #854727)
        NOTE: 
http://blogs.gentoo.org/ago/2017/02/09/zziplib-null-pointer-dereference-in-zzip_mem_entry_new-memdisk-c/
 CVE-2017-5979 (The prescan_entry function in fseeko.c in zziplib 0.13.62 
allows ...)
-       - zziplib <unfixed> (bug #854727)
+       - zziplib 0.13.62-3.1 (bug #854727)
        NOTE: 
http://blogs.gentoo.org/ago/2017/02/09/zziplib-null-pointer-dereference-in-prescan_entry-fseeko-c/
 CVE-2017-5978 (The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 
allows ...)
-       - zziplib <unfixed> (bug #854727)
+       - zziplib 0.13.62-3.1 (bug #854727)
        NOTE: 
http://blogs.gentoo.org/ago/2017/02/09/zziplib-out-of-bounds-read-in-zzip_mem_entry_new-memdisk-c/
 CVE-2017-5977 (The zzip_mem_entry_extra_block function in memdisk.c in zziplib 
...)
        - zziplib <unfixed> (bug #854727)
+       [stretch] - zziplib <no-dsa> (Minor issue)
        NOTE: 
http://blogs.gentoo.org/ago/2017/02/09/zziplib-invalid-memory-read-in-zzip_mem_entry_extra_block-memdisk-c/
 CVE-2017-5976 (Heap-based buffer overflow in the zzip_mem_entry_extra_block 
function ...)
-       - zziplib <unfixed> (bug #854727)
+       - zziplib 0.13.62-3.1 (bug #854727)
        NOTE: 
http://blogs.gentoo.org/ago/2017/02/09/zziplib-heap-based-buffer-overflow-in-zzip_mem_entry_extra_block-memdisk-c/
 CVE-2017-5975 (Heap-based buffer overflow in the __zzip_get64 function in 
fetch.c in ...)
-       - zziplib <unfixed> (bug #854727)
+       - zziplib 0.13.62-3.1 (bug #854727)
        NOTE: 
http://blogs.gentoo.org/ago/2017/02/09/zziplib-heap-based-buffer-overflow-in-__zzip_get64-fetch-c/
 CVE-2017-5974 (Heap-based buffer overflow in the __zzip_get32 function in 
fetch.c in ...)
-       - zziplib <unfixed> (bug #854727)
+       - zziplib 0.13.62-3.1 (bug #854727)
        NOTE: 
http://blogs.gentoo.org/ago/2017/02/09/zziplib-heap-based-buffer-overflow-in-__zzip_get32-fetch-c/
 CVE-2017-5973 (The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka 
Quick ...)
        {DLA-845-1 DLA-842-1}


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to