[Secure-testing-commits] r50954 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Apr 23 10:20:09 UTC 2017
Author: carnil
Date: 2017-04-23 10:20:09 +0000 (Sun, 23 Apr 2017)
New Revision: 50954
Modified:
data/CVE/list
Log:
Add tracking entries for cargo
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-23 10:16:51 UTC (rev 50953)
+++ data/CVE/list 2017-04-23 10:20:09 UTC (rev 50954)
@@ -8756,16 +8756,22 @@
CVE-2016-10130 (The http_connect function in transports/http.c in libgit2 before ...)
- libgit2 <unfixed> (bug #851406)
[jessie] - libgit2 <not-affected> (Vulnerable code not present)
+ [experimental] - cargo 0.17.0-1~exp1
+ - cargo <unfixed> (bug #860990)
NOTE: https://github.com/libgit2/libgit2/commit/9a64e62f0f20c9cf9b2e1609f037060eb2d8eb22 (v0.25.1)
NOTE: https://github.com/libgit2/libgit2/commit/b5c6a1b407b7f8b952bded2789593b68b1876211 (v0.24.6)
CVE-2016-10129 (The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x ...)
- libgit2 <unfixed> (bug #851406)
[jessie] - libgit2 <no-dsa> (Minor issue)
+ [experimental] - cargo 0.17.0-1~exp1
+ - cargo <unfixed> (bug #860990)
NOTE: https://github.com/libgit2/libgit2/commit/2fdef641fd0dd2828bd948234ae86de75221a11a (v0.25.1)
NOTE: https://github.com/libgit2/libgit2/commit/84d30d569ada986f3eef527cbdb932643c2dd037 (v0.24.6)
CVE-2016-10128 (Buffer overflow in the git_pkt_parse_line function in ...)
- libgit2 <unfixed> (bug #851406)
[jessie] - libgit2 <no-dsa> (Minor issue)
+ [experimental] - cargo 0.17.0-1~exp1
+ - cargo <unfixed> (bug #860990)
NOTE: https://github.com/libgit2/libgit2/commit/66e3774d279672ee51c3b54545a79d20d1ada834 (v0.25.1)
NOTE: https://github.com/libgit2/libgit2/commit/4ac39c76c0153d1ee6889a0984c39e97731684b2 (v0.24.6)
CVE-2016-10126 (Splunk Web in Splunk Enterprise 5.0.x before 5.0.17, 6.0.x before ...)
@@ -25021,10 +25027,14 @@
CVE-2016-8569 (The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows ...)
- libgit2 0.24.2-2 (bug #840227)
[jessie] - libgit2 <no-dsa> (Minor issue)
+ [experimental] - cargo 0.17.0-1~exp1
+ - cargo <unfixed> (bug #860989)
NOTE: https://github.com/libgit2/libgit2/issues/3937
CVE-2016-8568 (The git_commit_message function in oid.c in libgit2 before 0.24.3 ...)
- libgit2 0.24.5-1 (bug #840227)
[jessie] - libgit2 <no-dsa> (Minor issue)
+ [experimental] - cargo 0.17.0-1~exp1
+ - cargo <unfixed> (bug #860989)
NOTE: https://github.com/libgit2/libgit2/issues/3936
CVE-2016-8490
RESERVED
More information about the Secure-testing-commits
mailing list