[Secure-testing-commits] r46756 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-12-03 20:11:59 +0000 (Sat, 03 Dec 2016)
New Revision: 46756

Modified:
   data/CVE/list
Log:
Mark libarchive issues as no-dsa, can be fixed either via future DSA or point release

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-12-03 19:38:22 UTC (rev 46755)
+++ data/CVE/list	2016-12-03 20:11:59 UTC (rev 46756)
@@ -8570,6 +8570,7 @@
 	RESERVED
 	{DLA-661-1}
 	- libarchive 3.2.1-5 (bug #840934)
+	[jessie] - libarchive <no-dsa> (Minor issue, can be fixed via point release)
 	NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-read_header-archive_read_support_format_7zip-c/
 	NOTE: https://github.com/libarchive/libarchive/issues/761
 	NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/7f17c791dcfd8c0416e2cd2485b19410e47ef126
@@ -8577,6 +8578,7 @@
 	RESERVED
 	{DLA-661-1}
 	- libarchive 3.2.1-5 (bug #840935)
+	[jessie] - libarchive <no-dsa> (Minor issue, can be fixed via point release)
 	NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-detect_form-archive_read_support_format_mtree-c/
 	NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-memory-corruptionunknown-crash-in-bid_entry-archive_read_support_format_mtree-c/
 	NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-bid_entry-archive_read_support_format_mtree-c/
@@ -8587,6 +8589,7 @@
 	RESERVED
 	{DLA-661-1}
 	- libarchive 3.2.1-5 (bug #840936)
+	[jessie] - libarchive <no-dsa> (Minor issue, can be fixed via point release)
 	NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-stack-based-buffer-overflow-in-bsdtar_expand_char-util-c/
 	NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/e37b620fe8f14535d737e89a4dcabaed4517bf1a
 	NOTE: https://github.com/libarchive/libarchive/issues/767