[Secure-testing-commits] r37532 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Nov 3 20:01:54 UTC 2015
Author: carnil
Date: 2015-11-03 20:01:54 +0000 (Tue, 03 Nov 2015)
New Revision: 37532
Modified:
data/CVE/list
Log:
Update pycurl entry, check affected versions
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-11-03 20:01:42 UTC (rev 37531)
+++ data/CVE/list 2015-11-03 20:01:54 UTC (rev 37532)
@@ -1,8 +1,10 @@
CVE-2015-XXXX [use afer free]
- pycurl <unfixed>
+ [wheezy] - pycurl <not-affected> (Vulnerable code introduced later)
+ [squeeze] - pycurl <not-affected> (Vulnerable code introduced later)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/11/03/4
- NOTE: https://github.com/pycurl/pycurl/commit/602f8e364634d386524f0396e962c2c9de0536a9
- TODO: check versions
+ NOTE: Upstream commit: https://github.com/pycurl/pycurl/commit/602f8e364634d386524f0396e962c2c9de0536a9
+ NOTE: support for BUFFER and BUFFERPTR form parameters added with https://github.com/clintclayton/pycurl/commit/642f87afc14fc79c202c3b10b95ad35e97aa8615
CVE-2015-8033
RESERVED
CVE-2015-8032
More information about the Secure-testing-commits
mailing list