[Secure-testing-commits] r51239 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon May 1 13:08:14 UTC 2017
Author: carnil
Date: 2017-05-01 13:08:14 +0000 (Mon, 01 May 2017)
New Revision: 51239
Modified:
data/CVE/list
Log:
Add fixing commit for CVE-2016-10349 and CVE-2016-10350
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-01 12:36:22 UTC (rev 51238)
+++ data/CVE/list 2017-05-01 13:08:14 UTC (rev 51239)
@@ -150,10 +150,11 @@
CVE-2016-10350 (The archive_read_format_cab_read_header function in ...)
- libarchive <unfixed>
NOTE: https://github.com/libarchive/libarchive/issues/835
+ NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/88eb9e1d73fef46f04677c25b1697b8e25777ed3
CVE-2016-10349 (The archive_le32dec function in archive_endian.h in libarchive 3.2.2 ...)
- libarchive <unfixed>
NOTE: https://github.com/libarchive/libarchive/issues/834
- TODO: check
+ NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/88eb9e1d73fef46f04677c25b1697b8e25777ed3
CVE-2017-8342 (Radicale before 1.1.2 and 2.x before 2.0.0rc2 is prone to timing ...)
- radicale 1.1.1+20160115-4 (bug #861514)
NOTE: https://github.com/Kozea/Radicale/commit/190b1dd795f0c552a4992445a231da760211183b (1.1.x)
More information about the Secure-testing-commits
mailing list