[Secure-testing-commits] r55008 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Aug 23 21:12:26 UTC 2017
Author: carnil
Date: 2017-08-23 21:12:26 +0000 (Wed, 23 Aug 2017)
New Revision: 55008
Modified:
data/CVE/list
Log:
Add bug reference for libsass
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-23 21:10:13 UTC (rev 55007)
+++ data/CVE/list 2017-08-23 21:12:26 UTC (rev 55008)
@@ -1431,17 +1431,17 @@
CVE-2017-12965 (Session fixation vulnerability in Apache2Triad 1.5.4 allows remote ...)
TODO: check
CVE-2017-12964 (There is a stack consumption issue in LibSass 3.4.5 that is triggered ...)
- - libsass <unfixed>
+ - libsass <unfixed> (bug #873034)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482397
CVE-2017-12963 (There is an illegal address access in Sass::Eval::operator() in ...)
- - libsass <unfixed>
+ - libsass <unfixed> (bug #873034)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482335
NOTE: Similar issue to CVE-2017-11555 but for the issue which remains unfixed
NOTE: with the upstream patch for CVE-2017-11555.
CVE-2017-12962 (There are memory leaks in LibSass 3.4.5 triggered by deeply nested ...)
- - libsass <unfixed>
+ - libsass <unfixed> (bug #873034)
[stretch] - libsass <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1482331
CVE-2017-12961 (There is an assertion abort in the function parse_attributes() in ...)
More information about the Secure-testing-commits
mailing list