[Secure-testing-commits] r49994 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Mar 24 12:27:29 UTC 2017
Author: carnil
Date: 2017-03-24 12:27:29 +0000 (Fri, 24 Mar 2017)
New Revision: 49994
Modified:
data/CVE/list
Log:
Add CVE-2017-7244/pcre3
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-03-24 12:08:41 UTC (rev 49993)
+++ data/CVE/list 2017-03-24 12:27:29 UTC (rev 49994)
@@ -21,7 +21,8 @@
- pcre3 <unfixed>
NOTE: https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/
CVE-2017-7244 (The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40 ...)
- TODO: check
+ - pcre3 <unfixed>
+ NOTE: https://blogs.gentoo.org/ago/2017/03/20/libpcre-invalid-memory-read-in-_pcre32_xclass-pcre_xclass-c/
CVE-2017-7243
RESERVED
CVE-2017-7242 (Multiple Cross-Site Scripting (XSS) were discovered in admin/modules ...)
More information about the Secure-testing-commits
mailing list