[Secure-testing-commits] r55019 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Aug 24 08:06:21 UTC 2017
Author: carnil
Date: 2017-08-24 08:06:21 +0000 (Thu, 24 Aug 2017)
New Revision: 55019
Modified:
data/CVE/list
Log:
Update information for CVE-2017-12858/libzip
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-24 07:13:14 UTC (rev 55018)
+++ data/CVE/list 2017-08-24 08:06:21 UTC (rev 55019)
@@ -2220,8 +2220,9 @@
CVE-2017-12859 (NetApp Data ONTAP before 8.2.5, when operating in 7-Mode in NFS ...)
NOT-FOR-US: NetApp
CVE-2017-12858 (Double free vulnerability in the _zip_dirent_read function in ...)
- - libzip <unfixed>
- NOTE: https://github.com/nih-at/libzip/commit/2217022b7d1142738656d891e00b3d2d9179b796
+ - libzip <not-affected> (Vulnerable code introduced later)
+ NOTE: Introduced after: https://github.com/nih-at/libzip/commit/796c5968ad679220db3fb65ec6f48c66e554e5d5 (rel-1-2-0)
+ NOTE: Fixed by: https://github.com/nih-at/libzip/commit/2217022b7d1142738656d891e00b3d2d9179b796
CVE-2017-12857
RESERVED
CVE-2017-12856
More information about the Secure-testing-commits
mailing list