[Secure-testing-commits] r44573 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Sep 14 06:35:57 UTC 2016
Author: carnil
Date: 2016-09-14 06:35:57 +0000 (Wed, 14 Sep 2016)
New Revision: 44573
Modified:
data/CVE/list
Log:
Add CVE-2016-7167/curl
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-14 05:18:23 UTC (rev 44572)
+++ data/CVE/list 2016-09-14 06:35:57 UTC (rev 44573)
@@ -2752,8 +2752,13 @@
NOTE: https://wordpress.org/news/2016/09/wordpress-4-6-1-security-and-maintenance-release/
NOTE: Fixed in 4.6.1 release upstream
NOTE: Fixed by: https://core.trac.wordpress.org/changeset/38538
-CVE-2016-7167
+CVE-2016-7167 [curl escape and unescape integer overflows]
RESERVED
+ - curl <unfixed>
+ NOTE: Upstream advisory: https://curl.haxx.se/docs/adv_20160914.html
+ NOTE: Upstream patch: https://curl.haxx.se/CVE-2016-7167.patch
+ NOTE: Affected versions: libcurl 7.11.1 to and including 7.50.2
+ NOTE: Not affected versions: libcurl < 7.11.1 and libcurl >= 7.50.3
CVE-2016-7165
RESERVED
CVE-2016-7162
More information about the Secure-testing-commits
mailing list