[Secure-testing-commits] r52283 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Jun 4 13:34:14 UTC 2017
Author: carnil
Date: 2017-06-04 13:34:14 +0000 (Sun, 04 Jun 2017)
New Revision: 52283
Modified:
data/CVE/list
Log:
Add bug reference for CVE-2017-5977
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-06-04 13:32:46 UTC (rev 52282)
+++ data/CVE/list 2017-06-04 13:34:14 UTC (rev 52283)
@@ -9890,7 +9890,7 @@
- zziplib 0.13.62-3.1 (bug #854727)
NOTE: http://blogs.gentoo.org/ago/2017/02/09/zziplib-out-of-bounds-read-in-zzip_mem_entry_new-memdisk-c/
CVE-2017-5977 (The zzip_mem_entry_extra_block function in memdisk.c in zziplib ...)
- - zziplib <unfixed> (bug #854727)
+ - zziplib <unfixed> (bug #864150; bug #854727)
[stretch] - zziplib <no-dsa> (Minor issue)
NOTE: http://blogs.gentoo.org/ago/2017/02/09/zziplib-invalid-memory-read-in-zzip_mem_entry_extra_block-memdisk-c/
CVE-2017-5976 (Heap-based buffer overflow in the zzip_mem_entry_extra_block function ...)
More information about the Secure-testing-commits
mailing list