[Secure-testing-commits] r42456 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Jun 11 07:38:34 UTC 2016


Author: carnil
Date: 2016-06-11 07:38:34 +0000 (Sat, 11 Jun 2016)
New Revision: 42456

Modified:
   data/CVE/list
Log:
Update status for CVE-2016-4571/mxml, fixed now as well with 2.9-2

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-06-11 07:07:04 UTC (rev 42455)
+++ data/CVE/list	2016-06-11 07:38:34 UTC (rev 42456)
@@ -2506,14 +2506,12 @@
 	[jessie] - mxml <no-dsa> (Minor issue)
 	[wheezy] - mxml <no-dsa> (Minor issue)
 	NOTE: http://www.openwall.com/lists/oss-security/2016/05/07/8
-	NOTE: Applied patch 05_stack_recursion_fix.diff
 CVE-2016-4571 [Recursion using mxml_write_node at mxml-file.c:2739 (stack-exhaustion-2.xml)]
 	RESERVED
-	- mxml <unfixed> (bug #825855)
+	- mxml 2.9-2 (bug #825855)
 	[jessie] - mxml <no-dsa> (Minor issue)
 	[wheezy] - mxml <no-dsa> (Minor issue)
 	NOTE: http://www.openwall.com/lists/oss-security/2016/05/07/8
-	NOTE: Applied patch in 2.9-1 only addresses CVE-2016-4570 but mentioned CVE-2016-4571 as well in changleog
 CVE-2016-4558 (The BPF subsystem in the Linux kernel before 4.5.5 mishandles ...)
 	- linux 4.5.3-1
 	NOTE: Fixed by: https://git.kernel.org/linus/92117d8443bc5afacc8d5ba82e541946310f106e




More information about the Secure-testing-commits mailing list