[Secure-testing-commits] r54876 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Aug 19 09:19:08 UTC 2017
Author: carnil
Date: 2017-08-19 09:19:08 +0000 (Sat, 19 Aug 2017)
New Revision: 54876
Modified:
data/CVE/list
Log:
Add CVE-2017-12962/libsass
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-19 09:16:11 UTC (rev 54875)
+++ data/CVE/list 2017-08-19 09:19:08 UTC (rev 54876)
@@ -7,7 +7,8 @@
NOTE: Similar issue to CVE-2017-11555 but for the issue which remains unfixed
NOTE: with the upstream patch for CVE-2017-11555.
CVE-2017-12962 (There are memory leaks in LibSass 3.4.5 triggered by deeply nested ...)
- TODO: check
+ - libsass <unfixed>
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482331
CVE-2017-12961 (There is an assertion abort in the function parse_attributes() in ...)
TODO: check
CVE-2017-12960 (There is a reachable assertion abort in the function dict_rename_var() ...)
More information about the Secure-testing-commits
mailing list