[Secure-testing-commits] r54886 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Sat Aug 19 12:44:04 UTC 2017
Author: jmm
Date: 2017-08-19 12:44:04 +0000 (Sat, 19 Aug 2017)
New Revision: 54886
Modified:
data/CVE/list
Log:
libsass no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-19 12:40:33 UTC (rev 54885)
+++ data/CVE/list 2017-08-19 12:44:04 UTC (rev 54886)
@@ -1,13 +1,16 @@
CVE-2017-12964 (There is a stack consumption issue in LibSass 3.4.5 that is triggered ...)
- libsass <unfixed>
+ [stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482397
CVE-2017-12963 (There is an illegal address access in Sass::Eval::operator() in ...)
- libsass <unfixed>
+ [stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482335
NOTE: Similar issue to CVE-2017-11555 but for the issue which remains unfixed
NOTE: with the upstream patch for CVE-2017-11555.
CVE-2017-12962 (There are memory leaks in LibSass 3.4.5 triggered by deeply nested ...)
- libsass <unfixed>
+ [stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482331
CVE-2017-12961 (There is an assertion abort in the function parse_attributes() in ...)
- pspp <unfixed> (unimportant)
More information about the Secure-testing-commits
mailing list