[Secure-testing-commits] r54901 - data/CVE

Sun Aug 20 08:47:06 UTC 2017

Author: carnil
Date: 2017-08-20 08:47:06 +0000 (Sun, 20 Aug 2017)
New Revision: 54901

Modified:
   data/CVE/list
Log:
Record fixed version for libxml2

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2017-08-20 04:50:28 UTC (rev 54900)
+++ data/CVE/list	2017-08-20 08:47:06 UTC (rev 54901)
@@ -11215,25 +11215,25 @@
 	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1039
 CVE-2017-9050 (libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based ...)
 	{DLA-1008-1}
-	- libxml2 <unfixed> (bug #863018)
+	- libxml2 2.9.4+dfsg1-3.1 (bug #863018)
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=781361 (not public)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/05/15/1
 	NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=e26630548e7d138d2c560844c43820b6767251e3
 CVE-2017-9049 (libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based ...)
 	{DLA-1008-1}
-	- libxml2 <unfixed> (bug #863019)
+	- libxml2 2.9.4+dfsg1-3.1 (bug #863019)
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=781205 (not public)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/05/15/1
 	NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=e26630548e7d138d2c560844c43820b6767251e3
 CVE-2017-9048 (libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based ...)
 	{DLA-1008-1}
-	- libxml2 <unfixed> (bug #863021)
+	- libxml2 2.9.4+dfsg1-3.1 (bug #863021)
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=781701 (not public)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/05/15/1
 	NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=932cc9896ab41475d4aa429c27d9afd175959d74
 CVE-2017-9047 (A buffer overflow was discovered in libxml2 ...)
 	{DLA-1008-1}
-	- libxml2 <unfixed> (bug #863022)
+	- libxml2 2.9.4+dfsg1-3.1 (bug #863022)
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=781333 (not public)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/05/15/1
 	NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=932cc9896ab41475d4aa429c27d9afd175959d74
@@ -16330,7 +16330,7 @@
 CVE-2017-7376 [Incorrect limit used for port values]
 	RESERVED
 	{DLA-1060-1}
-	- libxml2 <unfixed> (bug #870865)
+	- libxml2 2.9.4+dfsg1-3.1 (bug #870865)
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=780690 (not yet public)
 	NOTE: Android patch: https://android.googlesource.com/platform/external/libxml2/+/51e0cb2e5ec18eaf6fb331bc573ff27b743898f4
 	NOTE: Fix upstream: https://git.gnome.org/browse/libxml2/commit/?id=5dca9eea1bd4263bfa4d037ab2443de1cd730f7e
@@ -16341,7 +16341,7 @@
 CVE-2017-7375 [Missing validation for external entities in xmlParsePEReference]
 	RESERVED
 	{DLA-1008-1}
-	- libxml2 <unfixed> (bug #870867)
+	- libxml2 2.9.4+dfsg1-3.1 (bug #870867)
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=780691 (not yet public)
 	NOTE: Android patch: https://android.googlesource.com/platform/external/libxml2/+/308396a55280f69ad4112d4f9892f4cbeff042aa
 	NOTE: Fix upstream: https://git.gnome.org/browse/libxml2/commit/?id=90ccb58242866b0ba3edbef8fe44214a101c2b3e
@@ -34944,7 +34944,7 @@
 	NOT-FOR-US: Android
 CVE-2017-0663 (A remote code execution vulnerability in libxml2 could enable an ...)
 	{DLA-1060-1}
-	- libxml2 <unfixed> (bug #870870)
+	- libxml2 2.9.4+dfsg1-3.1 (bug #870870)
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=780228 (not yet public)
 	NOTE: https://android.googlesource.com/platform/external/libxml2/+/521b88fbb6d18312923f0df653d045384b500ffc
 	NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=92b9e8c8b3787068565a1820ba575d042f9eec66


