[Secure-testing-commits] r49344 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Mar 1 18:31:26 UTC 2017
Author: carnil
Date: 2017-03-01 18:31:26 +0000 (Wed, 01 Mar 2017)
New Revision: 49344
Modified:
data/CVE/list
Log:
Add CVE-2017-6414/libcacard
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-03-01 18:26:11 UTC (rev 49343)
+++ data/CVE/list 2017-03-01 18:31:26 UTC (rev 49344)
@@ -1,3 +1,7 @@
+CVE-2017-6414 [libcacard: host memory leakage while creating new APDU]
+ - libcacard <unfixed>
+ NOTE: Fixed by: https://cgit.freedesktop.org/spice/libcacard/commit/?id=9113dc6a303604a2d9812ac70c17d076ef11886c
+ TODO: check
CVE-2017-6413 [does not scrub headers for "AuthType oauth20"]
- libapache2-mod-auth-openidc 2.1.6-1
NOTE: https://github.com/pingidentity/mod_auth_openidc/commit/21e3728a825c41ab41efa75e664108051bb9665e
More information about the Secure-testing-commits
mailing list