[Secure-testing-commits] r50927 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Sat Apr 22 17:06:11 UTC 2017
Author: jmm
Date: 2017-04-22 17:06:11 +0000 (Sat, 22 Apr 2017)
New Revision: 50927
Modified:
data/CVE/list
Log:
capnproto unimportant, doesn't affect GCC
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-22 16:01:36 UTC (rev 50926)
+++ data/CVE/list 2017-04-22 17:06:11 UTC (rev 50927)
@@ -493,10 +493,10 @@
CVE-2017-7893
RESERVED
CVE-2017-7892 (Sandstorm Cap'n Proto before 0.5.3.1 allows remote crashes related to a ...)
- - capnproto <unfixed>
+ - capnproto <unfixed> (unimportant)
NOTE: https://github.com/sandstorm-io/capnproto/blob/master/security-advisories/2017-04-17-0-apple-clang-elides-bounds-check.md
NOTE: Fixed by: https://github.com/sandstorm-io/capnproto/commit/52bc956459a5e83d7c31be95763ff6399e064ae4
- TODO: according to the advisory so far only Apple's compiler has been shown to apply the problematic optimization, so possibly "unimportant" for us, but fixed in 0.5.3.1 upstream
+ NOTE: So far only Apple's compiler has been shown to apply the problematic optimization, fixed in 0.5.3.1 upstream
CVE-2017-7891 (sourcebans-pp (SourceBans++) 1.5.4.7 has XSS in admin.comms.php via the ...)
NOT-FOR-US: SourceBans++
CVE-2017-7890
More information about the Secure-testing-commits
mailing list