[Secure-testing-commits] r25413 - data/CVE
Raphael Geissert
atomo64-guest at moszumanska.debian.org
Wed Jan 29 13:07:32 UTC 2014
Author: atomo64-guest
Date: 2014-01-29 13:07:32 +0000 (Wed, 29 Jan 2014)
New Revision: 25413
Modified:
data/CVE/list
Log:
python zipfile DoS
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-01-29 12:01:54 UTC (rev 25412)
+++ data/CVE/list 2014-01-29 13:07:32 UTC (rev 25413)
@@ -1,3 +1,13 @@
+CVE-2013-XXXX [python's zipfile infinite loop on malformed files]
+ - python2.5 <removed> (low)
+ - python2.6 <removed> (low)
+ - python2.7 <unfixed> (low)
+ - python3.1 <removed> (low)
+ - python3.2 <removed> (low)
+ - python3.3 <unfixed> (low)
+ - python3.4 <unfixed> (low)
+ TODO: check
+ NOTE: http://bugs.python.org/issue20078
CVE-2014-XXXX [no input validation for search function]
- fookebox <unfixed> (bug #736821)
CVE-2014-XXXX [insecure use of /tmp]
More information about the Secure-testing-commits
mailing list