[Secure-testing-commits] r26220 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Mar 24 06:07:04 UTC 2014
Author: carnil
Date: 2014-03-24 06:07:04 +0000 (Mon, 24 Mar 2014)
New Revision: 26220
Modified:
data/CVE/list
Log:
Add reference to upstream fix
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-03-24 01:01:40 UTC (rev 26219)
+++ data/CVE/list 2014-03-24 06:07:04 UTC (rev 26220)
@@ -3921,6 +3921,7 @@
CVE-2014-0791 (Integer overflow in the license_read_scope_list function in ...)
- freerdp <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=998941
+ NOTE: https://github.com/FreeRDP/FreeRDP/commit/f1d6afca6ae620f9855a33280bdc6f3ad9153be0#diff-b6d68bbca6e0f5875c57ef225cd65c45
NOTE: A malicous license has simpler means to DoS a RDP client, e.g. by simply stating that no valid license exists etc.
CVE-2014-0789
RESERVED
More information about the Secure-testing-commits
mailing list