[Secure-testing-commits] r50954 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Apr 23 10:20:09 UTC 2017 

Author: carnil
Date: 2017-04-23 10:20:09 +0000 (Sun, 23 Apr 2017)
New Revision: 50954

Modified:
   data/CVE/list
Log:
Add tracking entries for cargo

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-04-23 10:16:51 UTC (rev 50953)
+++ data/CVE/list	2017-04-23 10:20:09 UTC (rev 50954)
@@ -8756,16 +8756,22 @@
 CVE-2016-10130 (The http_connect function in transports/http.c in libgit2 before ...)
 	- libgit2 <unfixed> (bug #851406)
 	[jessie] - libgit2 <not-affected> (Vulnerable code not present)
+	[experimental] - cargo 0.17.0-1~exp1
+	- cargo <unfixed> (bug #860990)
 	NOTE: https://github.com/libgit2/libgit2/commit/9a64e62f0f20c9cf9b2e1609f037060eb2d8eb22 (v0.25.1)
 	NOTE: https://github.com/libgit2/libgit2/commit/b5c6a1b407b7f8b952bded2789593b68b1876211 (v0.24.6)
 CVE-2016-10129 (The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x ...)
 	- libgit2 <unfixed> (bug #851406)
 	[jessie] - libgit2 <no-dsa> (Minor issue)
+	[experimental] - cargo 0.17.0-1~exp1
+	- cargo <unfixed> (bug #860990)
 	NOTE: https://github.com/libgit2/libgit2/commit/2fdef641fd0dd2828bd948234ae86de75221a11a (v0.25.1)
 	NOTE: https://github.com/libgit2/libgit2/commit/84d30d569ada986f3eef527cbdb932643c2dd037 (v0.24.6)
 CVE-2016-10128 (Buffer overflow in the git_pkt_parse_line function in ...)
 	- libgit2 <unfixed> (bug #851406)
 	[jessie] - libgit2 <no-dsa> (Minor issue)
+	[experimental] - cargo 0.17.0-1~exp1
+	- cargo <unfixed> (bug #860990)
 	NOTE: https://github.com/libgit2/libgit2/commit/66e3774d279672ee51c3b54545a79d20d1ada834 (v0.25.1)
 	NOTE: https://github.com/libgit2/libgit2/commit/4ac39c76c0153d1ee6889a0984c39e97731684b2 (v0.24.6)
 CVE-2016-10126 (Splunk Web in Splunk Enterprise 5.0.x before 5.0.17, 6.0.x before ...)
@@ -25021,10 +25027,14 @@
 CVE-2016-8569 (The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows ...)
 	- libgit2 0.24.2-2 (bug #840227)
 	[jessie] - libgit2 <no-dsa> (Minor issue)
+	[experimental] - cargo 0.17.0-1~exp1
+	- cargo <unfixed> (bug #860989)
 	NOTE: https://github.com/libgit2/libgit2/issues/3937
 CVE-2016-8568 (The git_commit_message function in oid.c in libgit2 before 0.24.3 ...)
 	- libgit2 0.24.5-1 (bug #840227)
 	[jessie] - libgit2 <no-dsa> (Minor issue)
+	[experimental] - cargo 0.17.0-1~exp1
+	- cargo <unfixed> (bug #860989)
 	NOTE: https://github.com/libgit2/libgit2/issues/3936
 CVE-2016-8490
 	RESERVED

More information about the Secure-testing-commits mailing list