[Secure-testing-commits] r44425 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Sep 8 18:02:52 UTC 2016
Author: carnil
Date: 2016-09-08 18:02:52 +0000 (Thu, 08 Sep 2016)
New Revision: 44425
Modified:
data/CVE/list
Log:
Add CVE-2016-7166/libarchive
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-08 17:42:54 UTC (rev 44424)
+++ data/CVE/list 2016-09-08 18:02:52 UTC (rev 44425)
@@ -11,6 +11,11 @@
NOTE: http://xenbits.xen.org/xsa/advisory-188.html
NOTE: Only affects Xen 4.4, as workaround it is marked as fixed in the first xen version entering unstable
NOTE: after the 4.4 series.
+CVE-2016-7166 [denial of service with gzip quine]
+ - libarchive 3.2.0-2
+ NOTE: https://github.com/libarchive/libarchive/issues/660
+ NOTE: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=207362
+ NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/6e06b1c89dd0d16f74894eac4cfc1327a06ee4a0
CVE-2016-7164 [inflate_gzip denial of service]
- libtorrent-rasterbar <unfixed>
NOTE: https://github.com/arvidn/libtorrent/issues/1021
More information about the Secure-testing-commits
mailing list