[Secure-testing-commits] r50917 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Apr 22 10:59:16 UTC 2017


Author: carnil
Date: 2017-04-22 10:59:16 +0000 (Sat, 22 Apr 2017)
New Revision: 50917

Modified:
   data/CVE/list
Log:
Mark CVE-2017-7982 as no-dsa

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-04-22 09:36:13 UTC (rev 50916)
+++ data/CVE/list	2017-04-22 10:59:16 UTC (rev 50917)
@@ -145,8 +145,11 @@
 	RESERVED
 CVE-2017-7982 (Integer overflow in the plist_from_bin function in bplist.c in ...)
 	- libplist <unfixed>
+	[jessie] - libplist <no-dsa> (Minor issue)
 	NOTE: Fixed by: https://github.com/libimobiledevice/libplist/commit/fdebf8b319b9280cd0e9b4382f2c7cbf26ef9325
 	NOTE: https://github.com/libimobiledevice/libplist/issues/103
+	NOTE: The issue seems covered in prior versions of upstream dccd9290745345896e3a4a73154576a599fd8b7b
+	NOTE: which is CVE-2017-6440.
 CVE-2017-7981
 	RESERVED
 CVE-2017-7980




More information about the Secure-testing-commits mailing list