[Secure-testing-commits] r48047 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Jan 14 15:45:56 UTC 2017
Author: carnil
Date: 2017-01-14 15:45:55 +0000 (Sat, 14 Jan 2017)
New Revision: 48047
Modified:
data/CVE/list
Log:
Add information for CVE-2017-5338
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-14 15:45:10 UTC (rev 48046)
+++ data/CVE/list 2017-01-14 15:45:55 UTC (rev 48047)
@@ -343,10 +343,11 @@
- libgit2 <unfixed>
NOTE: https://github.com/libgit2/libgit2/commit/3829ba2e710553893faf6336cc6b2f3fc17a293e (v0.25.1)
NOTE: https://github.com/libgit2/libgit2/commit/d3cb8f64cde3b84c3d1543f122f989aeb2f6a69e (v0.24.1)
-CVE-2017-5338
+CVE-2017-5338 [http: perform 'badssl' check also via certificate callback]
RESERVED
- libgit2 <unfixed>
- NOTE: https://github.com/libgit2/libgit2/commit/98d66240ecb7765e191da19b535c75c92ccc90fe
+ NOTE: https://github.com/libgit2/libgit2/commit/98d66240ecb7765e191da19b535c75c92ccc90fe (v0.25.1)
+ NOTE: https://github.com/libgit2/libgit2/commit/ca531956619f021913ac01669b3818a705b7b676 (v0.24.6)
CVE-2016-10130 [http: check certificate validity before clobbering the error variable]
RESERVED
- libgit2 <unfixed>
More information about the Secure-testing-commits
mailing list