[Secure-testing-commits] r58202 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Dec 1 23:14:02 UTC 2017
Author: carnil
Date: 2017-12-01 23:14:02 +0000 (Fri, 01 Dec 2017)
New Revision: 58202
Modified:
data/CVE/list
Log:
Add fixing version for CVE-2014-9488/less
Upstream fixed it in 475, first version in unstable containing the fix
is 481-1.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-01 23:09:19 UTC (rev 58201)
+++ data/CVE/list 2017-12-01 23:14:02 UTC (rev 58202)
@@ -107217,7 +107217,7 @@
CVE-2014-9490 (The numtok function in lib/raven/okjson.rb in the raven-ruby gem ...)
NOT-FOR-US: raven ruby gem
CVE-2014-9488 (The is_utf8_well_formed function in GNU less before 475 allows remote ...)
- - less <unfixed> (unimportant; bug #780247)
+ - less 481-1 (unimportant; bug #780247)
NOTE: http://www.openwall.com/lists/oss-security/2015/03/10/14
NOTE: https://blog.fuzzing-project.org/3-less-out-of-bounds-read-access-TFPA-0022014.html
CVE-2014-9484
More information about the Secure-testing-commits
mailing list