[Secure-testing-commits] r54303 - data/CVE

[Sebastian Andrzej Siewior]

Author: bigeasy
Date: 2017-08-04 22:28:56 +0000 (Fri, 04 Aug 2017)
New Revision: 54303

Modified:
   data/CVE/list
Log:
CVE-2017-11423: Add clamav/wheezy notes



Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-08-04 21:44:05 UTC (rev 54302)
+++ data/CVE/list	2017-08-04 22:28:56 UTC (rev 54303)
@@ -2510,8 +2510,11 @@
 	RESERVED
 CVE-2017-11423 (The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, ...)
 	- libmspack <unfixed> (bug #868956)
+	[wheezy] - clamav <unfixed>
 	NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11873 (not public)
 	NOTE: https://github.com/hackerlib/hackerlib-vul/tree/master/clamav-vul
+	NOTE: https://github.com/vrtadmin/clamav-devel/commit/ffa31264a657618a0e40c51c01e4bfc32e244d13
+	NOTE: https://github.com/vrtadmin/clamav-devel/commit/ada5f94e5cfb04e1ac2a6f383f2184753f475b96
 CVE-2017-11422 (Statamic framework before 2.6.0 does not correctly check a session's ...)
 	NOT-FOR-US: Statamic
 CVE-2017-11420 (Stack-based buffer overflow in ASUS_Discovery.c in networkmap in ...)