[Secure-testing-commits] r42441 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Jun 10 16:01:18 UTC 2016
Author: carnil
Date: 2016-06-10 16:01:18 +0000 (Fri, 10 Jun 2016)
New Revision: 42441
Modified:
data/CVE/list
Log:
Mark CVE-2016-4570/mxml as fixed with 2.9-1 upload
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-06-10 15:44:39 UTC (rev 42440)
+++ data/CVE/list 2016-06-10 16:01:18 UTC (rev 42441)
@@ -2414,11 +2414,11 @@
NOT-FOR-US: Samsung Android component
CVE-2016-4570 [Recursion using mxmlDelete at mxml-node.c:217 (stack-exhaustion-1.xml)]
RESERVED
- - mxml <unfixed> (bug #825855)
+ - mxml 2.9-1 (bug #825855)
[jessie] - mxml <no-dsa> (Minor issue)
[wheezy] - mxml <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2016/05/07/8
- NOTE: Applied patch in 2.9-1 seems not to fix the issue, asked uploader
+ NOTE: Applied patch 05_stack_recursion_fix.diff
CVE-2016-4571 [Recursion using mxml_write_node at mxml-file.c:2739 (stack-exhaustion-2.xml)]
RESERVED
- mxml <unfixed> (bug #825855)
More information about the Secure-testing-commits
mailing list