[Secure-testing-commits] r40545 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Wed Mar 23 23:22:03 UTC 2016


Author: jmm
Date: 2016-03-23 23:22:02 +0000 (Wed, 23 Mar 2016)
New Revision: 40545

Modified:
   data/CVE/list
Log:
libtorrent-rasterbar fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-03-23 23:06:58 UTC (rev 40544)
+++ data/CVE/list	2016-03-23 23:22:02 UTC (rev 40545)
@@ -18789,8 +18789,7 @@
 	RESERVED
 CVE-2015-5685 (The lazy_bdecode function in BitTorrent DHT bootstrap server ...)
 	{DLA-312-1}
-	- libtorrent-rasterbar <unfixed> (bug #797046)
-	[experimental] - libtorrent-rasterbar 1.0.6-1
+	- libtorrent-rasterbar 1.0.6-1 (bug #797046)
 	NOTE: Even though the CVE mentions BitTorrent DHT Bootstrap server, the vulnerable lazy_bdecode() function is effectively also available in libtorrent-rasterbar in all Debian releases.
 	NOTE: Patch on libtorrent-rasterbar that has been applied in 1.0.6: https://github.com/arvidn/libtorrent/commit/d9945f6f50a8c967888cd9c2ebe65ffbe462056e
 CVE-2015-5684




More information about the Secure-testing-commits mailing list