Author: carnil Date: 2017-08-23 21:12:26 +0000 (Wed, 23 Aug 2017) New Revision: 55008
Modified: data/CVE/list Log: Add bug reference for libsass Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-08-23 21:10:13 UTC (rev 55007) +++ data/CVE/list 2017-08-23 21:12:26 UTC (rev 55008) @@ -1431,17 +1431,17 @@ CVE-2017-12965 (Session fixation vulnerability in Apache2Triad 1.5.4 allows remote ...) TODO: check CVE-2017-12964 (There is a stack consumption issue in LibSass 3.4.5 that is triggered ...) - - libsass <unfixed> + - libsass <unfixed> (bug #873034) [stretch] - libsass <no-dsa> (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482397 CVE-2017-12963 (There is an illegal address access in Sass::Eval::operator() in ...) - - libsass <unfixed> + - libsass <unfixed> (bug #873034) [stretch] - libsass <no-dsa> (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482335 NOTE: Similar issue to CVE-2017-11555 but for the issue which remains unfixed NOTE: with the upstream patch for CVE-2017-11555. CVE-2017-12962 (There are memory leaks in LibSass 3.4.5 triggered by deeply nested ...) - - libsass <unfixed> + - libsass <unfixed> (bug #873034) [stretch] - libsass <no-dsa> (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482331 CVE-2017-12961 (There is an assertion abort in the function parse_attributes() in ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits