[Secure-testing-commits] r48294 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Jan 23 05:20:26 UTC 2017
Author: carnil
Date: 2017-01-23 05:20:26 +0000 (Mon, 23 Jan 2017)
New Revision: 48294
Modified:
data/CVE/list
Log:
Revert fixing version for CVE-2016-2087, thanks mapreri
The source was wrongly triaged by me. Whilest the upstream version
2.12.3 did contain the fix, this very upload as well did revert the
commit fixing the issue, due to breaking usability for users.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-22 23:28:21 UTC (rev 48293)
+++ data/CVE/list 2017-01-23 05:20:26 UTC (rev 48294)
@@ -37918,7 +37918,7 @@
- bind9 <not-affected> (Introduced in Bind 9.10)
NOTE: https://kb.isc.org/article/AA-01351
CVE-2016-2087 (Directory traversal vulnerability in the client in HexChat 2.11.0 ...)
- - hexchat 2.12.3-0.1
+ - hexchat <unfixed>
[jessie] - hexchat <no-dsa> (Minor issue)
NOTE: https://www.exploit-db.com/exploits/39656/
NOTE: https://github.com/hexchat/hexchat/issues/1933
More information about the Secure-testing-commits
mailing list