[Secure-testing-commits] r49658 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Mar 13 22:52:42 UTC 2017
Author: jmm
Date: 2017-03-13 22:52:41 +0000 (Mon, 13 Mar 2017)
New Revision: 49658
Modified:
data/CVE/list
Log:
libplist fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-03-13 21:31:41 UTC (rev 49657)
+++ data/CVE/list 2017-03-13 22:52:41 UTC (rev 49658)
@@ -2721,18 +2721,18 @@
CVE-2017-5858 (An incorrect implementation of "XEP-0280: Message Carbons" in multiple ...)
NOT-FOR-US: converse.js
CVE-2017-5836 (The plist_free_data function in plist.c in libplist allows attackers ...)
- - libplist <unfixed> (bug #854000)
+ - libplist 1.12+git+1+e37ca00-0.1 (bug #854000)
[wheezy] - libplist <no-dsa> (pointers are not incorrectly freed and non-string key nodes are officially allowed)
NOTE: https://github.com/libimobiledevice/libplist/issues/86
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/6
CVE-2017-5835 (libplist allows attackers to cause a denial of service (large memory ...)
{DLA-840-1}
- - libplist <unfixed> (bug #854000)
+ - libplist 1.12+git+1+e37ca00-0.1 (bug #854000)
NOTE: https://github.com/libimobiledevice/libplist/issues/88
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/6
CVE-2017-5834 (The parse_dict_node function in bplist.c in libplist allows attackers ...)
{DLA-840-1}
- - libplist <unfixed> (bug #854000)
+ - libplist 1.12+git+1+e37ca00-0.1 (bug #854000)
NOTE: https://github.com/libimobiledevice/libplist/issues/89
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/6
CVE-2017-5829
@@ -3752,7 +3752,7 @@
- b2evolution <removed>
CVE-2017-5545 (The main function in plistutil.c in libimobiledevice libplist through ...)
{DLA-811-1}
- - libplist <unfixed> (low; bug #852385)
+ - libplist 1.12+git+1+e37ca00-0.1 (low; bug #852385)
[jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/87
NOTE: Fixed by: https://github.com/libimobiledevice/libplist/commit/7391a506352c009fe044dead7baad9e22dd279ee
@@ -4958,7 +4958,7 @@
RESERVED
CVE-2017-5209 (The base64decode function in base64.c in libimobiledevice libplist ...)
{DLA-811-1}
- - libplist <unfixed> (low; bug #851196)
+ - libplist 1.12+git+1+e37ca00-0.1 (low; bug #851196)
[jessie] - libplist <no-dsa> (Minor issue)
NOTE: Upstream bug: https://github.com/libimobiledevice/libplist/issues/84
NOTE: https://github.com/libimobiledevice/libplist/commit/3a55ddd3c4c11ce75a86afbefd085d8d397ff957
More information about the Secure-testing-commits
mailing list