[Secure-testing-commits] r34707 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Jun 4 06:13:43 UTC 2015


Author: carnil
Date: 2015-06-04 06:13:43 +0000 (Thu, 04 Jun 2015)
New Revision: 34707

Modified:
   data/CVE/list
Log:
Add nghttp2 issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-06-04 06:08:56 UTC (rev 34706)
+++ data/CVE/list	2015-06-04 06:13:43 UTC (rev 34707)
@@ -1,3 +1,9 @@
+CVE-2015-XXXX [Null pointer access in inflatehd tool]
+	- nghttp2 <unfixed>
+	NOTE: Upstream report: https://github.com/tatsuhiro-t/nghttp2/issues/235
+	NOTE: Git commit: https://github.com/tatsuhiro-t/nghttp2/commit/3572e7c6343cb85fc21f5667a7ed0902cf5305cf
+	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/06/03/20
+	TODO: check
 CVE-2015-XXXX [heap-buffer-overflow]
 	- tidy <unfixed>
 	NOTE: https://github.com/htacg/tidy-html5/issues/217




More information about the Secure-testing-commits mailing list