[Secure-testing-commits] r52321 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Jun 5 12:50:09 UTC 2017
Author: carnil
Date: 2017-06-05 12:50:08 +0000 (Mon, 05 Jun 2017)
New Revision: 52321
Modified:
data/CVE/list
Log:
Add CVE-2017-9430/dnstracer
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-06-05 12:44:27 UTC (rev 52320)
+++ data/CVE/list 2017-06-05 12:50:08 UTC (rev 52321)
@@ -11,8 +11,12 @@
- grpc 1.3.2-0.1 (bug #864210)
NOTE: https://github.com/grpc/grpc/pull/10492
NOTE: Fixed by: https://github.com/grpc/grpc/commit/c6ec1155d026c91b1badb07ef1605bb747cff064
-CVE-2017-9430
+CVE-2017-9430 [stack-based buffer overflow]
RESERVED
+ - dnstracer <unfixed> (unimportant)
+ NOTE: Crash in CLI tool, disputable if any exposed service makes use of dnstrace.
+ NOTE: One scenario would be to have a web application that launches dnstracer
+ NOTE: with user supplied name strings to evaluate.
CVE-2017-9429
RESERVED
CVE-2017-9428 (A directory traversal vulnerability exists in ...)
More information about the Secure-testing-commits
mailing list