[Secure-testing-commits] r44428 - in data: . CVE
Balint Reczey
rbalint at moszumanska.debian.org
Thu Sep 8 21:36:50 UTC 2016
Author: rbalint
Date: 2016-09-08 21:36:50 +0000 (Thu, 08 Sep 2016)
New Revision: 44428
Modified:
data/CVE/list
data/dla-needed.txt
Log:
add libarchive for DLA and add reproducer info
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-08 21:10:12 UTC (rev 44427)
+++ data/CVE/list 2016-09-08 21:36:50 UTC (rev 44428)
@@ -44,7 +44,7 @@
RESERVED
- libarchive 3.2.0-2
NOTE: https://github.com/libarchive/libarchive/issues/660
- NOTE: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=207362
+ NOTE: (with reproducer) https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=207362
NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/6e06b1c89dd0d16f74894eac4cfc1327a06ee4a0
CVE-2016-7164 [inflate_gzip denial of service]
RESERVED
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2016-09-08 21:10:12 UTC (rev 44427)
+++ data/dla-needed.txt 2016-09-08 21:36:50 UTC (rev 44428)
@@ -23,6 +23,9 @@
inspircd (Chris Lamb)
NOTE: Looking at the code wheezy is affected
--
+libarchive
+ NOTE: reproducer works on Wheezy
+--
libgd2 (Thorsten Alteholz)
--
libical (Ola Lundqvist)
More information about the Secure-testing-commits
mailing list