[Secure-testing-commits] r51254 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue May 2 04:42:50 UTC 2017
Author: carnil
Date: 2017-05-02 04:42:50 +0000 (Tue, 02 May 2017)
New Revision: 51254
Modified:
data/CVE/list
Log:
Add notes for pcre2 issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-02 04:22:05 UTC (rev 51253)
+++ data/CVE/list 2017-05-02 04:42:50 UTC (rev 51254)
@@ -7,7 +7,10 @@
CVE-2017-8400 (In SWFTools 0.9.2, an out-of-bounds write of heap data can occur in the ...)
TODO: check
CVE-2017-8399 (PCRE2 before 2017-03-10 has an out-of-bounds write caused by a ...)
- TODO: check
+ - pcre2 <undetermined>
+ NOTE: Fixed by: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=783
+ NOTE: https://vcs.pcre.org/pcre2?view=revision&revision=674
+ TODO: check, possibly introduced only after r670 in upstream, but possibly only uncovered between r670:672
CVE-2017-8398 (dwarf.c in GNU Binutils 2.28 is vulnerable to an invalid read of size 1 ...)
TODO: check
CVE-2017-8397 (The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...)
More information about the Secure-testing-commits
mailing list