[Secure-testing-commits] r48736 - data/CVE

[Nicholas Luedtke]

Author: nluedtke-guest
Date: 2017-02-06 16:26:11 +0000 (Mon, 06 Feb 2017)
New Revision: 48736

Modified:
   data/CVE/list
Log:
Update CVE-2016-10208

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-02-06 14:47:51 UTC (rev 48735)
+++ data/CVE/list	2017-02-06 16:26:11 UTC (rev 48736)
@@ -32,6 +32,8 @@
 CVE-2016-10208 [linux ext4 memory corruption]
 	- linux <unfixed>
 	[wheezy] - linux <not-affected> (Vulnerable code introduced later)
+	NOTE: Fixed by: https://github.com/torvalds/linux/commit/3a4b77cd47bb837b8557595ec7425f281f2ca1fe (4.10-rc1)
+	NOTE: Introduced by: https://github.com/torvalds/linux/commit/952fc18ef9ec707ebdc16c0786ec360295e5ff15 (3.6-rc1)
 CVE-2017-5886 [podofo: heap-based buffer overflow in PoDoFo::PdfTokenizer::GetNextToken (PdfTokenizer.cpp)]
 	- libpodofo <unfixed>
 	NOTE: https://blogs.gentoo.org/ago/2017/02/03/podofo-heap-based-buffer-overflow-in-podofopdftokenizergetnexttoken-pdftokenizer-cpp