[Secure-testing-commits] r30360 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Nov 26 17:25:55 UTC 2014
Author: carnil
Date: 2014-11-26 17:25:55 +0000 (Wed, 26 Nov 2014)
New Revision: 30360
Modified:
data/CVE/list
Log:
One CVE for cpio assigned
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-11-26 17:02:49 UTC (rev 30359)
+++ data/CVE/list 2014-11-26 17:25:55 UTC (rev 30360)
@@ -7,6 +7,10 @@
- util-linux <unfixed>
NOTE: http://www.openwall.com/lists/oss-security/2014/11/26/13
TODO: check
+CVE-2014-9112 [heap-based buffer overflow]
+ - cpio <unfixed>
+ NOTE: http://lcamtuf.coredump.cx/afl/vulns/lesspipe-cpio-bad-write.cpio
+ TODO: check
CVE-2014-9089 [SQL-injection in /view_all_set.php and/or core/filter_api.php]
- mantis <unfixed>
[squeeze] - mantis <end-of-life> (Unsupported in squeeze-lts)
More information about the Secure-testing-commits
mailing list