[Secure-testing-commits] r41570 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-05-09 17:47:51 +0000 (Mon, 09 May 2016)
New Revision: 41570

Modified:
   data/CVE/list
Log:
Add CVE-2016-2099/xerces-c

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-05-09 17:35:49 UTC (rev 41569)
+++ data/CVE/list	2016-05-09 17:47:51 UTC (rev 41570)
@@ -7093,8 +7093,11 @@
 CVE-2016-2100
 	RESERVED
 	- foreman <itp> (bug #663101)
-CVE-2016-2099
+CVE-2016-2099 [use-after-free]
 	RESERVED
+	- xerces-c <unfixed>
+	NOTE: https://issues.apache.org/jira/browse/XERCESC-2066
+	TODO: check
 CVE-2016-2098 (Action Pack in Ruby on Rails before 3.2.22.2, 4.x before 4.1.14.2, and ...)
 	{DSA-3509-1}
 	- rails 2:4.2.5.2-1