[Secure-testing-commits] r58983 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Dec 28 08:52:27 UTC 2017
Author: carnil
Date: 2017-12-28 08:52:27 +0000 (Thu, 28 Dec 2017)
New Revision: 58983
Modified:
data/CVE/list
Log:
Add TODO for CVE-2017-7559
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-28 08:40:54 UTC (rev 58982)
+++ data/CVE/list 2017-12-28 08:52:27 UTC (rev 58983)
@@ -38233,6 +38233,7 @@
- undertow <undetermined>
NOTE: For an incomplete fix of CVE-2017-2666
NOTE: Invalid characters were still allowed in the query string and path parameters.
+ TODO: check, asked for clarification to Red Hat: https://bugzilla.redhat.com/show_bug.cgi?id=1481665#c7
CVE-2017-7558 [sctp: out-of-bounds read in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info()]
RESERVED
- linux 4.12.13-1
More information about the Secure-testing-commits
mailing list