[Secure-testing-commits] r48569 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2017-01-30 20:15:30 +0000 (Mon, 30 Jan 2017)
New Revision: 48569

Modified:
   data/CVE/list
Log:
Add three bitlbee issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-01-30 20:06:29 UTC (rev 48568)
+++ data/CVE/list	2017-01-30 20:15:30 UTC (rev 48569)
@@ -1,3 +1,18 @@
+CVE-2017-XXXX [Incomplete fix for "Null pointer dereference with file transfer request from unknown contacts"]
+	- bitlbee <unfixed>
+	NOTE: https://bugs.bitlbee.org/ticket/1282
+	NOTE: Fixed by: https://github.com/bitlbee/bitlbee/commit/30d598ce7cd3f136ee9d7097f39fa9818a272441
+	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/30/4
+CVE-2017-XXXX [Null pointer dereference with file transfer request from unknown contacts]
+	- bitlbee 3.5-1
+	NOTE: https://bugs.bitlbee.org/ticket/1282
+	NOTE: Fixed by: https://github.com/bitlbee/bitlbee/commit/701ab8129ba9ea64f569daedca9a8603abad740f
+	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/30/4
+CVE-2017-XXXX [bitlbee-libpurple: Use after free when expiring file transfer requests]
+	- bitlbee 3.5-1
+	NOTE: https://bugs.bitlbee.org/ticket/1281
+	NOTE: Fixed by: https://github.com/bitlbee/bitlbee/commit/ea902752503fc5b356d6513911081ec932d804f2
+	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/30/4
 CVE-2017-XXXX [Incomplete fix for CVE-2017-5180]
 	- firejail 0.9.44.6-1
 	NOTE: Changelog mentions the new fix for CVE-2017-5180 in RELNOTES for 0.9.44.6