[Secure-testing-commits] r47882 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Jan 10 20:40:09 UTC 2017
Author: carnil
Date: 2017-01-10 20:40:09 +0000 (Tue, 10 Jan 2017)
New Revision: 47882
Modified:
data/CVE/list
Log:
Three CVEs for libxml2 are Red Hat specific as confirmed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-10 20:04:38 UTC (rev 47881)
+++ data/CVE/list 2017-01-10 20:40:09 UTC (rev 47882)
@@ -11452,19 +11452,13 @@
NOT-FOR-US: puppet-tripleo
CVE-2016-9598 [out-of-bounds read]
RESERVED
- - libxml2 <unfixed> (bug #849206)
- NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1408306 (asked for details)
+ - libxml2 <not-affected> (Red Hat specific security regressions)
CVE-2016-9597 [stack overflow before detecting invalid XML file]
RESERVED
- - libxml2 <unfixed> (bug #849199)
- NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1408305
- NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=775380
+ - libxml2 <not-affected> (Red Hat specific security regressions)
CVE-2016-9596 [stack exhaustion while parsing xml files in recovery mode]
RESERVED
- - libxml2 <unfixed> (bug #849198)
- [jessie] - libxml2 <no-dsa> (Minor issue)
- [wheezy] - libxml2 <no-dsa> (Minor issue)
- NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1408302
+ - libxml2 <not-affected> (Red Hat specific security regressions)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=769658
CVE-2016-9595
RESERVED
More information about the Secure-testing-commits
mailing list