[Secure-testing-commits] r46188 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Nov 14 16:44:12 UTC 2016
Author: carnil
Date: 2016-11-14 16:44:11 +0000 (Mon, 14 Nov 2016)
New Revision: 46188
Modified:
data/CVE/list
Log:
CVE-2016-9296: mark jessie and wheezy as not-affected
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-14 16:05:09 UTC (rev 46187)
+++ data/CVE/list 2016-11-14 16:44:11 UTC (rev 46188)
@@ -19,6 +19,8 @@
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/11/11/14
CVE-2016-9296 [Null pointer dereference in 7zIn.cpp]
- p7zip <unfixed> (bug #844344)
+ [jessie] - p7zip <not-affected> (Vulnerable code with potential NULL pointer dereference introduced later)
+ [wheezy] - p7zip <not-affected> (Vulnerable code with potential NULL pointer dereference introduced later)
NOTE: https://sourceforge.net/p/p7zip/bugs/185/
CVE-2016-9276 [heap-based buffer overflow in dwarf_get_aranges_list (dwarf_arange.c)]
- dwarfutils <unfixed> (bug #844011)
More information about the Secure-testing-commits
mailing list