[Secure-testing-commits] r50713 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Apr 17 06:17:15 UTC 2017
Author: carnil
Date: 2017-04-17 06:17:15 +0000 (Mon, 17 Apr 2017)
New Revision: 50713
Modified:
data/CVE/list
Log:
Add notes for CVE-2016-5824
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-17 03:42:55 UTC (rev 50712)
+++ data/CVE/list 2017-04-17 06:17:15 UTC (rev 50713)
@@ -33010,10 +33010,14 @@
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1280832
CVE-2016-5824 (libical 1.0 allows remote attackers to cause a denial of service ...)
- libical <unfixed>
- NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1275400
+ NOTE: Original report: https://github.com/libical/libical/issues/235
+ NOTE: Reopened at: https://bugzilla.mozilla.org/show_bug.cgi?id=1275400
NOTE: Reproducer: https://bugzilla.mozilla.org/attachment.cgi?id=8757553
- NOTE: Upstream ticket: https://github.com/libical/libical/issues/286
- NOTE: Upstream ticket: https://github.com/libical/libical/issues/251
+ NOTE: Related upstream ticket: https://github.com/libical/libical/issues/286
+ NOTE: Related upstream ticket: https://github.com/libical/libical/issues/251
+ NOTE: Whilst the upstream commits in issues/251 fix the issue of #251 itself
+ NOTE: they do not fix the bugzilla.mozilla.org case 1275400 which was assigned
+ NOTE: in http://www.openwall.com/lists/oss-security/2016/06/25/4
CVE-2016-5823 (The icalproperty_new_clone function in libical 0.47 and 1.0 allows ...)
- libical 1.0-1
[wheezy] - libical <no-dsa> (Only possible denial of service, not severe enough to solve)
More information about the Secure-testing-commits
mailing list