[Secure-testing-commits] r45073 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Oct 5 17:22:32 UTC 2016
Author: carnil
Date: 2016-10-05 17:22:32 +0000 (Wed, 05 Oct 2016)
New Revision: 45073
Modified:
data/CVE/list
Log:
Add bug reference as cloned for ghostscript, #839841
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-10-05 17:15:12 UTC (rev 45072)
+++ data/CVE/list 2016-10-05 17:22:32 UTC (rev 45073)
@@ -11,7 +11,7 @@
NOTE: Patch: http://git.ghostscript.com/?p=user/chrisl/ghostpdl.git;a=commitdiff;h=d5ad1e02
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/10/05/7
CVE-2016-XXXX [.libfile doesn't check PermitFileReading array, allowing remote file disclosure]
- - ghostscript <unfixed> (high; bug #839260)
+ - ghostscript <unfixed> (high; bug #839841)
NOTE: Upstream bug: http://bugs.ghostscript.com/show_bug.cgi?id=697169
NOTE: Reproducer: http://www.openwall.com/lists/oss-security/2016/09/29/28
NOTE: Patch: http://git.ghostscript.com/?p=user/chrisl/ghostpdl.git;a=commitdiff;h=cf046d2
More information about the Secure-testing-commits
mailing list