[Secure-testing-commits] r52634 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Jun 17 06:30:24 UTC 2017


Author: carnil
Date: 2017-06-17 06:30:23 +0000 (Sat, 17 Jun 2017)
New Revision: 52634

Modified:
   data/CVE/list
Log:
Add CVE-2017-7376

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-06-17 05:06:18 UTC (rev 52633)
+++ data/CVE/list	2017-06-17 06:30:23 UTC (rev 52634)
@@ -6780,8 +6780,13 @@
 	NOTE: http://git.qemu-project.org/?p=qemu.git;a=commitdiff;h=d63fb193e71644a073b77ff5ac6f1216f2f6cf6e
 	NOTE: http://www.openwall.com/lists/oss-security/2017/04/03/2
 	NOTE: For older releases affected code is in hw/9pfs/virtio-9p.c
-CVE-2017-7376
+CVE-2017-7376 [Incorrect limit used for port values]
 	RESERVED
+	- libxml2 <unfixed>
+	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=780690 (not yet public)
+	NOTE: Fix Android: https://android.googlesource.com/platform/external/libxml2/+/51e0cb2e5ec18eaf6fb331bc573ff27b743898f4
+	NOTE: Fix upstream: https://git.gnome.org/browse/libxml2/commit/?id=5dca9eea1bd4263bfa4d037ab2443de1cd730f7e
+	NOTE: Fix upstream not yet complete as per 2017-06-17
 CVE-2017-7375
 	RESERVED
 CVE-2017-7374 (Use-after-free vulnerability in fs/crypto/ in the Linux kernel before ...)




More information about the Secure-testing-commits mailing list