[Secure-testing-commits] r40406 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Mar 16 05:13:32 UTC 2016
Author: carnil
Date: 2016-03-16 05:13:32 +0000 (Wed, 16 Mar 2016)
New Revision: 40406
Modified:
data/CVE/list
Log:
Clarify for what the CVE assignments are for the git issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-03-16 04:08:50 UTC (rev 40405)
+++ data/CVE/list 2016-03-16 05:13:32 UTC (rev 40406)
@@ -2522,13 +2522,13 @@
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=7c0b84d89911b2035161f5ef51aafbfcc84aa9e2
CVE-2016-2325
RESERVED
-CVE-2016-2324
+CVE-2016-2324 [integer overflow due to a loop which adds more to "len"]
RESERVED
- git <unfixed> (bug #818318)
NOTE: Removal of path_name: https://github.com/git/git/commit/9831e92bfa833ee9c0ce464bbc2f941ae6c2698d (v2.8.0-rc0)
- NOTE: Issue should be fixed in 2.7.1
+ NOTE: Issue should be fixed in 2.7.1 according to reporter
NOTE: http://www.openwall.com/lists/oss-security/2016/03/16/2
- TODO: check
+ TODO: check (fixing commit in v2.7.1)
CVE-2016-2323
RESERVED
CVE-2016-2322
@@ -2539,7 +2539,7 @@
RESERVED
CVE-2016-2319
RESERVED
-CVE-2016-2315
+CVE-2016-2315 ["int" is the wrong data type for ... nlen assignment]
RESERVED
- git 1:2.7.0-1 (bug #818318)
NOTE: https://github.com/git/git/commit/34fa79a6cde56d6d428ab0d3160cb094ebad3305 (v2.7.0-rc0)
More information about the Secure-testing-commits
mailing list