[Secure-testing-commits] r48259 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Jan 21 17:16:00 UTC 2017
Author: carnil
Date: 2017-01-21 17:16:00 +0000 (Sat, 21 Jan 2017)
New Revision: 48259
Modified:
data/CVE/list
Log:
Update information for CVE-2016-2087/hexchat
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-21 17:13:13 UTC (rev 48258)
+++ data/CVE/list 2017-01-21 17:16:00 UTC (rev 48259)
@@ -37907,8 +37907,10 @@
- bind9 <not-affected> (Introduced in Bind 9.10)
NOTE: https://kb.isc.org/article/AA-01351
CVE-2016-2087 (Directory traversal vulnerability in the client in HexChat 2.11.0 ...)
- - hexchat <unfixed>
+ - hexchat 2.12.3-0.1
NOTE: https://www.exploit-db.com/exploits/39656/
+ NOTE: https://github.com/hexchat/hexchat/issues/1933
+ NOTE: https://github.com/hexchat/hexchat/commit/15600f405f2d5bda6ccf0dd73957395716e0d4d3
CVE-2016-2086 (Node.js 0.10.x before 0.10.42, 0.12.x before 0.12.10, 4.x before ...)
- nodejs 4.3.0~dfsg-1 (unimportant)
NOTE: libv8 is not covered by security support
More information about the Secure-testing-commits
mailing list