[Secure-testing-commits] r50113 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Mar 28 04:41:34 UTC 2017
Author: carnil
Date: 2017-03-28 04:41:34 +0000 (Tue, 28 Mar 2017)
New Revision: 50113
Modified:
data/CVE/list
Log:
Update CVE-2017-7274/radare2
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-03-28 04:29:16 UTC (rev 50112)
+++ data/CVE/list 2017-03-28 04:41:34 UTC (rev 50113)
@@ -24,7 +24,9 @@
NOTE: https://github.com/ImageMagick/ImageMagick/issues/271
TODO: check (need to check if we are affected by the second incomplete fix as well)
CVE-2017-7274 (The r_pkcs7_parse_cms function in libr/util/r_pkcs7.c in radare2 1.3.0 ...)
- TODO: check
+ - radare2 <not-affected> (Vulnerable parsers introduced in 1.3.0-git, cf. #858873)
+ NOTE: https://github.com/radare/radare2/commit/7ab66cca5bbdf6cb2d69339ef4f513d95e532dbf
+ NOTE: https://github.com/radare/radare2/issues/7152
CVE-2017-7271 (Reflected Cross-site scripting (XSS) vulnerability in Yii Framework ...)
TODO: check
CVE-2017-7270
More information about the Secure-testing-commits
mailing list