[Secure-testing-commits] r53133 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Jul 2 20:23:31 UTC 2017
Author: carnil
Date: 2017-07-02 20:23:31 +0000 (Sun, 02 Jul 2017)
New Revision: 53133
Modified:
data/CVE/list
Log:
Add source package name for CVE-2017-1068{4,5}
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-02 20:19:28 UTC (rev 53132)
+++ data/CVE/list 2017-07-02 20:23:31 UTC (rev 53133)
@@ -235,9 +235,11 @@
- nasm <unfixed>
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392414
CVE-2017-10685 (In ncurses 6.0, there is a format string vulnerability in the fmt_entry ...)
- TODO: check
+ - ncurses <unfixed>
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1464692
CVE-2017-10684 (In ncurses 6.0, there is a stack-based buffer overflow in the fmt_entry ...)
- TODO: check
+ - ncurses <unfixed>
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1464687
CVE-2017-10683 (In mpg123 1.25.0, there is a heap-based buffer over-read in the ...)
- mpg123 <unfixed> (bug #866860)
[stretch] - mpg123 <no-dsa> (Minor issue)
More information about the Secure-testing-commits
mailing list