[Secure-testing-commits] r51238 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon May 1 12:36:22 UTC 2017
Author: carnil
Date: 2017-05-01 12:36:22 +0000 (Mon, 01 May 2017)
New Revision: 51238
Modified:
data/CVE/list
Log:
Add two libarchive issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-01 12:15:25 UTC (rev 51237)
+++ data/CVE/list 2017-05-01 12:36:22 UTC (rev 51238)
@@ -148,8 +148,11 @@
CVE-2016-10351 (Telegram Desktop 0.10.19 uses 0755 permissions for ...)
TODO: check
CVE-2016-10350 (The archive_read_format_cab_read_header function in ...)
- TODO: check
+ - libarchive <unfixed>
+ NOTE: https://github.com/libarchive/libarchive/issues/835
CVE-2016-10349 (The archive_le32dec function in archive_endian.h in libarchive 3.2.2 ...)
+ - libarchive <unfixed>
+ NOTE: https://github.com/libarchive/libarchive/issues/834
TODO: check
CVE-2017-8342 (Radicale before 1.1.2 and 2.x before 2.0.0rc2 is prone to timing ...)
- radicale 1.1.1+20160115-4 (bug #861514)
More information about the Secure-testing-commits
mailing list