[Secure-testing-commits] r41698 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri May 13 05:20:49 UTC 2016


Author: carnil
Date: 2016-05-13 05:20:49 +0000 (Fri, 13 May 2016)
New Revision: 41698

Modified:
   data/CVE/list
Log:
Add bugreport for CVE-2016-233{4,5}

Note for reviewers: the code in the p7zip might be affected as well
although TALOS report mentions only 7zip. Better on the safe side I
already opened the bug in BTS.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-05-13 04:59:34 UTC (rev 41697)
+++ data/CVE/list	2016-05-13 05:20:49 UTC (rev 41698)
@@ -6701,13 +6701,13 @@
 	RESERVED
 CVE-2016-2336
 	RESERVED
-CVE-2016-2335
+CVE-2016-2335 [Out-of-bounds read vuilerability]
 	RESERVED
-	- p7zip <unfixed>
+	- p7zip <unfixed> (bug #824160)
 	NOTE: http://www.talosintel.com/reports/TALOS-2016-0094/
-CVE-2016-2334
+CVE-2016-2334 [Heap-buffer-overflow vulnerability]
 	RESERVED
-	- p7zip <unfixed>
+	- p7zip <unfixed> (bug #824160)
 	NOTE: http://www.talosintel.com/reports/TALOS-2016-0093/
 CVE-2016-2333 (SysLINK SL-1000 Machine-to-Machine (M2M) Modular Gateway devices with ...)
 	TODO: check




More information about the Secure-testing-commits mailing list