[Secure-testing-commits] r45809 - in data: . CVE
Guido Guenther
agx at moszumanska.debian.org
Mon Oct 31 17:29:39 UTC 2016
Author: agx
Date: 2016-10-31 17:29:39 +0000 (Mon, 31 Oct 2016)
New Revision: 45809
Modified:
data/CVE/list
data/dla-needed.txt
Log:
lts-triage libupnp / libupnp4
The crash is reproducible on wheezy libupnp, libupnp4 has very similar
code.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-10-31 16:54:53 UTC (rev 45808)
+++ data/CVE/list 2016-10-31 17:29:39 UTC (rev 45809)
@@ -519,6 +519,7 @@
CVE-2016-8863 [Buffer overflow in create_url_list]
RESERVED
- libupnp <unfixed> (bug #842093)
+ - libupnp4 <removed>
NOTE: https://sourceforge.net/p/pupnp/bugs/133/
CVE-2016-8861
RESERVED
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2016-10-31 16:54:53 UTC (rev 45808)
+++ data/dla-needed.txt 2016-10-31 17:29:39 UTC (rev 45809)
@@ -48,6 +48,11 @@
libwmf (Balint Reczey)
NOTE: Patch is available in bug #842090, probably needs NMU in unstable
--
+libupnp
+--
+libupnp4
+ NOTE: same issues as in libupnp
+--
linux
--
mysql-5.5
More information about the Secure-testing-commits
mailing list