[Secure-testing-commits] r45694 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Oct 28 07:40:11 UTC 2016
Author: carnil
Date: 2016-10-28 07:40:10 +0000 (Fri, 28 Oct 2016)
New Revision: 45694
Modified:
data/CVE/list
Log:
Reference original advisory for CVE-2016-6321/tar
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-10-28 07:20:26 UTC (rev 45693)
+++ data/CVE/list 2016-10-28 07:40:10 UTC (rev 45694)
@@ -8160,7 +8160,7 @@
CVE-2016-6321 [Bypassing the extract path name]
RESERVED
- tar <unfixed>
- NOTE: http://seclists.org/fulldisclosure/2016/Oct/96
+ NOTE: https://sintonen.fi/advisories/tar-extract-pathname-bypass.txt
TODO: check
CVE-2016-6320 (Cross-site scripting (XSS) vulnerability in ...)
- foreman <itp> (bug #663101)
More information about the Secure-testing-commits
mailing list