[Secure-testing-commits] r45887 - data/CVE

[Balint Reczey]

Author: rbalint
Date: 2016-11-02 13:16:23 +0000 (Wed, 02 Nov 2016)
New Revision: 45887

Modified:
   data/CVE/list
Log:
update info on libwmf CVE-2016-9011

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-11-02 13:10:49 UTC (rev 45886)
+++ data/CVE/list	2016-11-02 13:16:23 UTC (rev 45887)
@@ -567,10 +567,12 @@
 	RESERVED
 	- libwmf <unfixed> (bug #842090)
 	[jessie] - libwmf <no-dsa> (Minor issue)
+	[wheezy] - libwmf 0.2.8.4-10.3+deb7u2
 	NOTE: http://www.openwall.com/lists/oss-security/2016/10/18/9
 	NOTE: https://blogs.gentoo.org/ago/2016/10/18/libwmf-memory-allocation-failure-in-wmf_malloc-api-c
 	NOTE: Reproducer: https://github.com/asarubbo/poc/blob/master/00015-libwmf-memalloc-wmf_malloc
 	NOTE: Proposed patch: https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=842090;filename=libwmf-0.2.8.4-CVE-2016-9011-debian.patch;msg=10
+	NOTE: NMU for unstable is in DELAYED/10, proposed jessie update is in #842938
 CVE-2016-8908
 	RESERVED
 CVE-2016-8907