[Secure-testing-commits] r38470 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Dec 22 05:42:09 UTC 2015
Author: carnil
Date: 2015-12-22 05:42:09 +0000 (Tue, 22 Dec 2015)
New Revision: 38470
Modified:
data/CVE/list
Log:
Add CVE-2015-8614/claws-mail
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-12-22 05:35:22 UTC (rev 38469)
+++ data/CVE/list 2015-12-22 05:42:09 UTC (rev 38470)
@@ -1,3 +1,9 @@
+CVE-2015-8614 [no bounds checking on the output buffer in conv_jistoeuc, conv_euctojis, conv_sjistoeuc]
+ - claws-mail <unfixed>
+ NOTE: http://git.claws-mail.org/?p=claws.git;a=commit;h=d390fa07f5548f3173dd9cc13b233db5ce934c82
+ NOTE: http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3557
+ NOTE: https://bugs.gentoo.org/show_bug.cgi?id=569010
+ TODO: check (other source packages, possibly sylpheed, claws-mail, sylfilter, macopix, libsylph)
CVE-2015-8611
RESERVED
CVE-2015-8613 [scsi: stack based buffer overflow in megasas_ctrl_get_info]
More information about the Secure-testing-commits
mailing list