[Secure-testing-commits] r54875 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Aug 19 09:16:11 UTC 2017
Author: carnil
Date: 2017-08-19 09:16:11 +0000 (Sat, 19 Aug 2017)
New Revision: 54875
Modified:
data/CVE/list
Log:
Add CVE-2017-12963
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-19 09:14:26 UTC (rev 54874)
+++ data/CVE/list 2017-08-19 09:16:11 UTC (rev 54875)
@@ -2,7 +2,10 @@
- libsass <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482397
CVE-2017-12963 (There is an illegal address access in Sass::Eval::operator() in ...)
- TODO: check
+ - libsass <unfixed>
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482335
+ NOTE: Similar issue to CVE-2017-11555 but for the issue which remains unfixed
+ NOTE: with the upstream patch for CVE-2017-11555.
CVE-2017-12962 (There are memory leaks in LibSass 3.4.5 triggered by deeply nested ...)
TODO: check
CVE-2017-12961 (There is an assertion abort in the function parse_attributes() in ...)
More information about the Secure-testing-commits
mailing list