[Secure-testing-commits] r49789 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Mar 19 12:23:47 UTC 2017
Author: carnil
Date: 2017-03-19 12:23:47 +0000 (Sun, 19 Mar 2017)
New Revision: 49789
Modified:
data/CVE/list
Log:
Minor issues for libplist, mark as no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-03-19 12:19:52 UTC (rev 49788)
+++ data/CVE/list 2017-03-19 12:23:47 UTC (rev 49789)
@@ -1700,20 +1700,25 @@
NOTE: https://github.com/libimobiledevice/libplist/issues/99
CVE-2017-6439 (Heap-based buffer overflow in the parse_string_node function in ...)
- libplist 1.12+git+1+e37ca00-0.1
+ [jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/95
NOTE: https://github.com/libimobiledevice/libplist/commit/32ee5213fe64f1e10ec76c1ee861ee6f233120dd
CVE-2017-6438 (Heap-based buffer overflow in the parse_unicode_node function in ...)
- libplist <unfixed>
+ [jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/98
CVE-2017-6437 (The base64encode function in base64.c in libimobiledevice libplist ...)
- libplist <unfixed>
+ [jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/100
CVE-2017-6436 (The parse_string_node function in bplist.c in libimobiledevice ...)
- libplist 1.12+git+1+e37ca00-0.1
+ [jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/94
NOTE: https://github.com/libimobiledevice/libplist/commit/32ee5213fe64f1e10ec76c1ee861ee6f233120dd
CVE-2017-6435 (The parse_string_node function in bplist.c in libimobiledevice ...)
- libplist 1.12+git+1+e37ca00-0.1
+ [jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/93
NOTE: https://github.com/libimobiledevice/libplist/commit/fbd8494d5e4e46bf2e90cb6116903e404374fb56
CVE-2017-6434
@@ -3407,17 +3412,20 @@
NOT-FOR-US: converse.js
CVE-2017-5836 (The plist_free_data function in plist.c in libplist allows attackers ...)
- libplist 1.12+git+1+e37ca00-0.1 (bug #854000)
+ [jessie] - libplist <no-dsa> (Minor issue)
[wheezy] - libplist <no-dsa> (pointers are not incorrectly freed and non-string key nodes are officially allowed)
NOTE: https://github.com/libimobiledevice/libplist/issues/86
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/6
CVE-2017-5835 (libplist allows attackers to cause a denial of service (large memory ...)
{DLA-840-1}
- libplist 1.12+git+1+e37ca00-0.1 (bug #854000)
+ [jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/88
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/6
CVE-2017-5834 (The parse_dict_node function in bplist.c in libplist allows attackers ...)
{DLA-840-1}
- libplist 1.12+git+1+e37ca00-0.1 (bug #854000)
+ [jessie] - libplist <no-dsa> (Minor issue)
NOTE: https://github.com/libimobiledevice/libplist/issues/89
NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/6
CVE-2017-5829
More information about the Secure-testing-commits
mailing list