[Secure-testing-commits] r46131 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Nov 11 19:33:39 UTC 2016
Author: carnil
Date: 2016-11-11 19:33:39 +0000 (Fri, 11 Nov 2016)
New Revision: 46131
Modified:
data/CVE/list
Log:
Update status for dwarfutils
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-11 19:29:12 UTC (rev 46130)
+++ data/CVE/list 2016-11-11 19:33:39 UTC (rev 46131)
@@ -1,10 +1,13 @@
CVE-2016-9276 [heap-based buffer overflow in dwarf_get_aranges_list (dwarf_arange.c)]
- dwarfutils <unfixed> (bug #844011)
+ [jessie] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/583f8834083b5ef834c497f5b47797e16101a9a6/
NOTE: https://blogs.gentoo.org/ago/2016/11/07/libdwarf-heap-based-buffer-overflow-in-dwarf_get_aranges_list-dwarf_arange-c
NOTE: Same commit as for CVE-2016-9275. Needs the dwarf_arange.c part of the commit.
CVE-2016-9275 [heap-based buffer overflow in _dwarf_skim_forms (dwarf_macro5.c)]
- dwarfutils <unfixed> (bug #844012)
+ [jessie] - dwarfutils <not-affected> (Vulnerable code not present)
+ [wheezy] - dwarfutils <not-affected> (Vulnerable code not present)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/583f8834083b5ef834c497f5b47797e16101a9a6/
NOTE: https://blogs.gentoo.org/ago/2016/11/07/libdwarf-heap-based-buffer-overflow-in-_dwarf_skim_forms-dwarf_macro5-c
NOTE: Same commit as for CVE-2016-9276. Needs the dwarf_macro5.c part of the commit.
More information about the Secure-testing-commits
mailing list