[Secure-testing-commits] r44564 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Sep 13 18:35:40 UTC 2016
Author: carnil
Date: 2016-09-13 18:35:40 +0000 (Tue, 13 Sep 2016)
New Revision: 44564
Modified:
data/CVE/list
Log:
Add upstream commit for CVE-2016-5418/libarchive
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-13 17:49:39 UTC (rev 44563)
+++ data/CVE/list 2016-09-13 18:35:40 UTC (rev 44564)
@@ -8252,8 +8252,8 @@
RESERVED
- libarchive <unfixed>
NOTE: Centos patch: https://git.centos.org/blob/rpms!libarchive.git/9952851f8b327a8c93d26a5873c190c1fb09ae6c/SOURCES!libarchive-3.1.2-CVE-2016-5418.patch;jsessionid=1dexz8h9qdewibih5aonbu3
- NOTE: Centos addition patch: https://git.centos.org/blob/rpms!libarchive.git/9952851f8b327a8c93d26a5873c190c1fb09ae6c/SOURCES!libarchive-3.1.2-CVE-2016-5418-variation.patch;jsessionid=1dexz8h9qdewibih5aonbu3
- TODO: Red Hat does not yet reference the corresponding (acknowledged) upstream commits, wait for details
+ NOTE: Centos additional patch: https://git.centos.org/blob/rpms!libarchive.git/9952851f8b327a8c93d26a5873c190c1fb09ae6c/SOURCES!libarchive-3.1.2-CVE-2016-5418-variation.patch;jsessionid=1dexz8h9qdewibih5aonbu3
+ NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/dfd6b54ce33960e420fb206d8872fb759b577ad9
CVE-2016-5417 [per-thread memory leak in __res_vinit with IPv6 nameservers]
RESERVED
- glibc 2.22-4 (bug #833302)
More information about the Secure-testing-commits
mailing list