[Secure-testing-commits] r41752 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon May 16 05:26:02 UTC 2016
Author: carnil
Date: 2016-05-16 05:26:02 +0000 (Mon, 16 May 2016)
New Revision: 41752
Modified:
data/CVE/list
Log:
CVE-2016-1762/libxml2
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-05-16 05:20:36 UTC (rev 41751)
+++ data/CVE/list 2016-05-16 05:26:02 UTC (rev 41752)
@@ -2218,12 +2218,6 @@
NOTE: https://github.com/weidai11/cryptopp/issues/146
NOTE: http://www.openwall.com/lists/oss-security/2016/04/10/6
NOTE: Initial upload in 5.6.3-5 was incomplete
-CVE-2016-XXXX [Heap-based buffer overread in xmlNextChar]
- - libxml2 <unfixed>
- NOTE: https://git.gnome.org/browse/libxml2/commit/?id=a7a94612aa3b16779e2c74e1fa353b5d9786c602
- NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=759671
- TODO: check versions, upstream but not yet public open but referenced in commit
- TODO: vtk6, paraview, opencollada, xdmf, gettext appear to include the affected code
CVE-2016-3994 [GIF loader: out-of-bounds read]
RESERVED
{DSA-3555-1}
@@ -8966,7 +8960,10 @@
TODO: check
CVE-2016-1762 (libxml2 in Apple iOS before 9.3, OS X before 10.11.4, Safari before ...)
- libxml2 <unfixed>
- TODO: check
+ NOTE: https://git.gnome.org/browse/libxml2/commit/?id=a7a94612aa3b16779e2c74e1fa353b5d9786c602
+ NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=759671
+ TODO: check versions, upstream bug not yet public open but referenced in commit
+ TODO: vtk6, paraview, opencollada, xdmf, gettext appear to include the affected code
CVE-2016-1761 (libxml2 in Apple iOS before 9.3, OS X before 10.11.4, and watchOS ...)
- libxml2 <unfixed>
TODO: check
More information about the Secure-testing-commits
mailing list