[Secure-testing-commits] r35456 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Jul 14 04:46:50 UTC 2015
Author: carnil
Date: 2015-07-14 04:46:50 +0000 (Tue, 14 Jul 2015)
New Revision: 35456
Modified:
data/CVE/list
Log:
Split up temporary items for tidy, will recieve two CVE assignments
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-07-14 04:36:17 UTC (rev 35455)
+++ data/CVE/list 2015-07-14 04:46:50 UTC (rev 35456)
@@ -2864,8 +2864,12 @@
NOTE: Git commit: https://github.com/tatsuhiro-t/nghttp2/commit/3572e7c6343cb85fc21f5667a7ed0902cf5305cf
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/06/03/20
NOTE: inflatehd not installed into the Debian binary packages
-CVE-2015-XXXX [heap-buffer-overflow]
+CVE-2015-XXXX [small file can lead to a 4 Gb allocation; potential DoS]
- tidy <unfixed>
+ NOTE: https://github.com/htacg/tidy-html5/issues/217#issuecomment-108565501
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/06/04/2
+CVE-2015-XXXX [AddressSanitizer: heap-buffer-overflow WRITE of size 1]
+ - tidy <unfixed>
NOTE: https://github.com/htacg/tidy-html5/issues/217
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/06/04/2
CVE-2015-6593
More information about the Secure-testing-commits
mailing list