[Secure-testing-commits] r46807 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-12-06 05:38:00 +0000 (Tue, 06 Dec 2016)
New Revision: 46807

Modified:
   data/CVE/list
Log:
Two CVEs for unzip allocated

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-12-06 05:36:24 UTC (rev 46806)
+++ data/CVE/list	2016-12-06 05:38:00 UTC (rev 46807)
@@ -534,10 +534,13 @@
 	RESERVED
 CVE-2016-9757
 	RESERVED
-CVE-2016-XXXX [zipinfo buffer overflow]
+CVE-2016-9844 [zipinfo buffer overflow]
 	- unzip <unfixed>
 	NOTE: https://launchpad.net/bugs/1643750
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/12/05/13
+	NOTE: http://www.openwall.com/lists/oss-security/2016/12/05/13
+CVE-2014-9913
+	- unzip <unfixed>
+	NOTE: http://www.openwall.com/lists/oss-security/2014/11/03/5
 CVE-2016-XXXX [heap-based buffer overflow in TIFFFillStrip (tif_read.c)]
 	- tiff <unfixed> (bug #846837)
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2608