[Secure-testing-commits] r45245 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Oct 12 05:22:07 UTC 2016
Author: carnil
Date: 2016-10-12 05:22:07 +0000 (Wed, 12 Oct 2016)
New Revision: 45245
Modified:
data/CVE/list
Log:
Add two CVEs for guile-2.0
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-10-12 05:14:30 UTC (rev 45244)
+++ data/CVE/list 2016-10-12 05:22:07 UTC (rev 45245)
@@ -1,3 +1,12 @@
+CVE-2016-8606 [REPL server vulnerable to HTTP inter-protocol attacks]
+ - guile-2.0 <unfixed>
+ NOTE: Patch: http://git.savannah.gnu.org/cgit/guile.git/commit/?h=stable-2.0&id=08c021916dbd3a235a9f9cc33df4c418c0724e03
+ TODO: check and if this potentially affects guile-1.8 as well
+CVE-2016-8605 [Thread-unsafe umask modification]
+ - guile-2.0 <unfixed>
+ NOTE: http://bugs.gnu.org/24659
+ NOTE: Patch: http://git.savannah.gnu.org/cgit/guile.git/commit/?h=stable-2.0&id=245608911698adb3472803856019bdd5670b6614
+ TODO: check and if this potentially affects guile-1.8 as well
CVE-2016-8593
RESERVED
CVE-2016-8592
More information about the Secure-testing-commits
mailing list