[Secure-testing-commits] r43690 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Aug 1 08:30:07 UTC 2016
Author: carnil
Date: 2016-08-01 08:30:07 +0000 (Mon, 01 Aug 2016)
New Revision: 43690
Modified:
data/CVE/list
Log:
Add fixed version for CVE-2016-6354/flex, #832768
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-08-01 08:09:58 UTC (rev 43689)
+++ data/CVE/list 2016-08-01 08:30:07 UTC (rev 43690)
@@ -472,7 +472,7 @@
RESERVED
CVE-2016-6354 [Buffer overflow in generated code (yy_get_next_buffer); related to num_to_read]
RESERVED
- - flex <unfixed> (bug #832768)
+ - flex 2.6.1-1 (bug #832768)
[wheezy] - flex <not-affected> (Issue introduced with 2.5.36)
NOTE: Intorduced by: https://github.com/westes/flex/commit/9ba3187a537d6a58d345f2874d06087fd4050399 (flex-2-5-36)
NOTE: Fixed by: https://github.com/westes/flex/commit/a5cbe929ac3255d371e698f62dc256afe7006466 (v2.6.1)
More information about the Secure-testing-commits
mailing list