[Secure-testing-commits] r42818 - data/CVE
Petter Reinholdtsen
pere at moszumanska.debian.org
Mon Jun 27 11:16:31 UTC 2016
Author: pere
Date: 2016-06-27 11:16:31 +0000 (Mon, 27 Jun 2016)
New Revision: 42818
Modified:
data/CVE/list
Log:
Flag three more libarchive issues fixed in version 3.2.1-1 as such.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-06-27 11:00:48 UTC (rev 42817)
+++ data/CVE/list 2016-06-27 11:16:31 UTC (rev 42818)
@@ -4532,19 +4532,25 @@
NOTE: http://www.talosintel.com/reports/TALOS-2016-0164/
CVE-2016-4302 [Libarchive Rar RestartModel Heap Overflow]
RESERVED
- - libarchive <unfixed>
+ - libarchive 3.2.1-1
NOTE: http://blog.talosintel.com/2016/06/the-poisoned-archives.html
NOTE: http://www.talosintel.com/reports/TALOS-2016-0154/
+ NOTE: https://github.com/libarchive/libarchive/issues/719
+ NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/05caadc7eedbef471ac9610809ba683f0c698700
CVE-2016-4301 [mtree parse_device Stack Based Buffer Overflow]
RESERVED
- - libarchive <unfixed>
+ - libarchive 3.2.1-1
NOTE: http://blog.talosintel.com/2016/06/the-poisoned-archives.html
NOTE: http://www.talosintel.com/reports/TALOS-2016-0153/
+ NOTE: https://github.com/libarchive/libarchive/pull/715
+ NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/ecdac4d50db0cf5a0c630ba077729aaa6c5a2dd2
CVE-2016-4300 [7-Zip read_SubStreamsInfo Integer Overflow]
RESERVED
- - libarchive <unfixed>
+ - libarchive 3.2.1-1
NOTE: http://blog.talosintel.com/2016/06/the-poisoned-archives.html
NOTE: http://www.talosintel.com/reports/TALOS-2016-0152/
+ NOTE: https://github.com/libarchive/libarchive/issues/718
+ NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/e79ef306afe332faf22e9b442a2c6b59cb175573
CVE-2016-4299
RESERVED
CVE-2016-4298
More information about the Secure-testing-commits
mailing list