[Secure-testing-commits] r34347 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue May 19 19:42:38 UTC 2015


Author: carnil
Date: 2015-05-19 19:42:38 +0000 (Tue, 19 May 2015)
New Revision: 34347

Modified:
   data/CVE/list
Log:
Add two new coreutils CVEs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-05-19 19:28:44 UTC (rev 34346)
+++ data/CVE/list	2015-05-19 19:42:38 UTC (rev 34347)
@@ -1,3 +1,12 @@
+CVE-2015-4042 [buffer overflow related to SIZE_MAX - lenb - 2 < lena test]
+	- coreutils <unfixed>
+	NOTE: https://github.com/pixelb/coreutils/commit/bea5e36cc876ed627bb5e0eca36fdfaa6465e940
+	TODO: check
+CVE-2015-4041 [heap overflow; size calculation without properly considering the number of bytes occupied by multibyte characters]
+	- coreutils <unfixed>
+	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=928749
+	NOTE: https://github.com/pixelb/coreutils/commit/bea5e36cc876ed627bb5e0eca36fdfaa6465e940
+	TODO: check
 CVE-2015-4010
 	RESERVED
 CVE-2015-4009




More information about the Secure-testing-commits mailing list