[Secure-testing-commits] r46616 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Nov 28 09:39:42 UTC 2016
Author: carnil
Date: 2016-11-28 09:39:42 +0000 (Mon, 28 Nov 2016)
New Revision: 46616
Modified:
data/CVE/list
Log:
dwarfutils issues fixed in unstable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-28 09:25:13 UTC (rev 46615)
+++ data/CVE/list 2016-11-28 09:39:42 UTC (rev 46616)
@@ -540,7 +540,7 @@
NOTE: Fixed by: https://github.com/mdadams/jasper/commit/1abc2e5a401a4bf1d5ca4df91358ce5df111f495
CVE-2016-9558 [negation overflow in dwarf_leb.c]
RESERVED
- - dwarfutils <unfixed> (bug #845408)
+ - dwarfutils 20161124-1 (bug #845408)
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://blogs.gentoo.org/ago/2016/11/19/libdwarf-negation-overflow-in-dwarf_leb-c
@@ -1421,7 +1421,7 @@
NOT-FOR-US: Samsung Exynos fimg2d driver for Android
CVE-2016-9276 [heap-based buffer overflow in dwarf_get_aranges_list (dwarf_arange.c)]
RESERVED
- - dwarfutils <unfixed> (bug #844011)
+ - dwarfutils 20161124-1 (bug #844011)
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/583f8834083b5ef834c497f5b47797e16101a9a6/
@@ -1429,7 +1429,7 @@
NOTE: Same commit as for CVE-2016-9275. Needs the dwarf_arange.c part of the commit.
CVE-2016-9275 [heap-based buffer overflow in _dwarf_skim_forms (dwarf_macro5.c)]
RESERVED
- - dwarfutils <unfixed> (bug #844012)
+ - dwarfutils 20161124-1 (bug #844012)
[jessie] - dwarfutils <not-affected> (Vulnerable code not present)
[wheezy] - dwarfutils <not-affected> (Vulnerable code not present)
NOTE: https://sourceforge.net/p/libdwarf/code/ci/583f8834083b5ef834c497f5b47797e16101a9a6/
More information about the Secure-testing-commits
mailing list