[Secure-testing-commits] r47916 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Jan 11 19:03:15 UTC 2017
Author: carnil
Date: 2017-01-11 19:03:15 +0000 (Wed, 11 Jan 2017)
New Revision: 47916
Modified:
data/CVE/list
Log:
Update status for CVE-2017-5330/ark
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-11 18:56:34 UTC (rev 47915)
+++ data/CVE/list 2017-01-11 19:03:15 UTC (rev 47916)
@@ -296,7 +296,10 @@
CVE-2017-5330 [unintended execution of scripts and executable files]
RESERVED
- ark <unfixed> (bug #850874)
+ [jessie] - ark <not-affected> (Vulnerable code introduced later)
+ [wheezy] - ark <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://cgit.kde.org/ark.git/commit/?id=82fdfd24d46966a117fa625b68784735a40f9065
+ NOTE: "Open File" action introduced in https://cgit.kde.org/ark.git/commit/?id=f1cf10f25af245823f81b8ff457a04c7593dede7 (v15.11.80)
CVE-2017-5226 [escape via TIOCSTI ioctl]
RESERVED
- bubblewrap 0.1.5-2 (bug #850702)
More information about the Secure-testing-commits
mailing list