[Secure-testing-commits] r38782 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Fri Jan 8 18:09:38 UTC 2016
Author: jmm
Date: 2016-01-08 18:09:38 +0000 (Fri, 08 Jan 2016)
New Revision: 38782
Modified:
data/CVE/list
Log:
add comment on affected versions
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-08 16:13:19 UTC (rev 38781)
+++ data/CVE/list 2016-01-08 18:09:38 UTC (rev 38782)
@@ -14,7 +14,7 @@
CVE-2015-XXXX [use after free / double free]
- lighttpd 1.4.39-1
NOTE: http://redmine.lighttpd.net/issues/2700
- TODO: check older versions
+ TODO: check older versions, seems to have been introduced in 1.4.38, but confirm
CVE-2016-1503 [heap overflow via malformed dhcp responses in print_option (via dhcp_envoption1) due to incorrect option length values]
- dhcpcd5 <unfixed>
- dhcpcd <removed>
More information about the Secure-testing-commits
mailing list