[Secure-testing-commits] r45139 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Oct 7 18:10:42 UTC 2016
Author: carnil
Date: 2016-10-07 18:10:42 +0000 (Fri, 07 Oct 2016)
New Revision: 45139
Modified:
data/CVE/list
Log:
CVE-2016-7977: replace with commit from main repo
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-10-07 17:48:09 UTC (rev 45138)
+++ data/CVE/list 2016-10-07 18:10:42 UTC (rev 45139)
@@ -222,7 +222,7 @@
- ghostscript <unfixed> (high; bug #839841)
NOTE: Upstream bug: http://bugs.ghostscript.com/show_bug.cgi?id=697169
NOTE: Reproducer: http://www.openwall.com/lists/oss-security/2016/09/29/28
- NOTE: Patch: http://git.ghostscript.com/?p=user/chrisl/ghostpdl.git;h=cf046d2f0fa2c6973c6ca8d582a9b185cc4bd280
+ NOTE: Patch: http://git.ghostscript.com/?p=ghostpdl.git;h=8abd22010eb4db0fb1b10e430d5f5d83e015ef70
NOTE: http://www.openwall.com/lists/oss-security/2016/10/05/7
CVE-2016-7976 [various userparams allow %pipe% in paths, allowing remote shell command execution]
RESERVED
More information about the Secure-testing-commits
mailing list