[Secure-testing-commits] r45668 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Oct 27 17:49:34 UTC 2016
Author: carnil
Date: 2016-10-27 17:49:34 +0000 (Thu, 27 Oct 2016)
New Revision: 45668
Modified:
data/CVE/list
Log:
Add fixed version for CVE-2016-8859/musl, #842171
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-10-27 17:05:59 UTC (rev 45667)
+++ data/CVE/list 2016-10-27 17:49:34 UTC (rev 45668)
@@ -733,7 +733,7 @@
CVE-2016-8859 [Regex integer overflow in buffer size computations]
RESERVED
- tre 0.8.0-5 (bug #842169)
- - musl <unfixed> (bug #842171)
+ - musl 1.1.15-2 (bug #842171)
NOTE: http://www.openwall.com/lists/oss-security/2016/10/19/1
NOTE: other issues may still be present in tre after this: https://github.com/laurikari/tre/issues/37
NOTE: musl patch: http://git.musl-libc.org/cgit/musl/commit/?id=c3edc06d1e1360f3570db9155d6b318ae0d0f0f7, not released yet
More information about the Secure-testing-commits
mailing list