[Secure-testing-commits] r30308 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2014-11-25 12:51:05 +0000 (Tue, 25 Nov 2014)
New Revision: 30308

Modified:
   data/CVE/list
Log:
Add hivex issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-11-25 12:48:49 UTC (rev 30307)
+++ data/CVE/list	2014-11-25 12:51:05 UTC (rev 30308)
@@ -1,3 +1,7 @@
+CVE-2014-XXXX [does not properly handle small-sized hive files]
+	- hivex 1.3.11-1
+	NOTE: https://github.com/libguestfs/hivex/commit/357f26fa64fd1d9ccac2331fe174a8ee9c607adb
+	NOTE: https://github.com/libguestfs/hivex/commit/4bbdf555f88baeae0fa804a369a81a83908bd705 
 CVE-2014-XXXX [buffer overflow in ksba_oid_to_str]
 	- libksba <unfixed>
 	NOTE: http://lists.gnupg.org/pipermail/gnupg-announce/2014q4/000359.html