[Secure-testing-commits] r45364 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Oct 16 09:52:30 UTC 2016 

Author: carnil
Date: 2016-10-16 09:52:29 +0000 (Sun, 16 Oct 2016)
New Revision: 45364

Modified:
   data/CVE/list
Log:
Add bug references for libarchive issues, #840934, #840935, #840936

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-10-16 09:22:33 UTC (rev 45363)
+++ data/CVE/list	2016-10-16 09:52:29 UTC (rev 45364)
@@ -53,12 +53,12 @@
 	- jasper <unfixed>
 	NOTE: CVE ID for the first and fifth items of http://www.openwall.com/lists/oss-security/2016/08/23/6 post
 CVE-2016-8689
-	- libarchive <unfixed>
+	- libarchive <unfixed> (bug #840934)
 	NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-read_header-archive_read_support_format_7zip-c/
 	NOTE: https://github.com/libarchive/libarchive/issues/761
 	NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/7f17c791dcfd8c0416e2cd2485b19410e47ef126
 CVE-2016-8688
-	- libarchive <unfixed>
+	- libarchive <unfixed> (bug #840935)
 	NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-detect_form-archive_read_support_format_mtree-c/
 	NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-memory-corruptionunknown-crash-in-bid_entry-archive_read_support_format_mtree-c/
 	NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-bid_entry-archive_read_support_format_mtree-c/
@@ -66,7 +66,7 @@
 	NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-use-after-free-in-detect_form-archive_read_support_format_mtree-c/
 	NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/eec077f52bfa2d3f7103b4b74d52572ba8a15aca
 CVE-2016-8687
-	- libarchive <unfixed>
+	- libarchive <unfixed> (bug #840936)
 	NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-stack-based-buffer-overflow-in-bsdtar_expand_char-util-c/
 	NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/e37b620fe8f14535d737e89a4dcabaed4517bf1a
 	NOTE: https://github.com/libarchive/libarchive/issues/767

More information about the Secure-testing-commits mailing list