[Secure-testing-commits] r30898 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2014-12-22 05:28:05 +0000 (Mon, 22 Dec 2014)
New Revision: 30898

Modified:
   data/CVE/list
Log:
CVE-2014-9112/cpio fixed in unstable

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-12-22 05:27:24 UTC (rev 30897)
+++ data/CVE/list	2014-12-22 05:28:05 UTC (rev 30898)
@@ -1032,7 +1032,7 @@
 	NOTE: https://github.com/karelzak/util-linux/commit/89e90ae7b2826110ea28c1c0eb8e7c56c3907bdc
 CVE-2014-9112 (Heap-based buffer overflow in the process_copy_in function in GNU Cpio ...)
 	{DLA-111-1}
-	- cpio <unfixed> (bug #772793)
+	- cpio 2.11+dfsg-2.1 (bug #772793)
 	NOTE: http://lcamtuf.coredump.cx/afl/vulns/lesspipe-cpio-bad-write.cpio
 	NOTE: https://savannah.gnu.org/bugs/?43709
 	NOTE: http://git.savannah.gnu.org/cgit/cpio.git/commit/?id=746f3ff6 (fix buffer overflow)