[Secure-testing-commits] r51280 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue May 2 19:34:27 UTC 2017
Author: carnil
Date: 2017-05-02 19:34:27 +0000 (Tue, 02 May 2017)
New Revision: 51280
Modified:
data/CVE/list
Log:
Update information for CVE-2017-8399/pcre2
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-02 19:07:06 UTC (rev 51279)
+++ data/CVE/list 2017-05-02 19:34:27 UTC (rev 51280)
@@ -51,10 +51,9 @@
NOTE: https://github.com/matthiaskramm/swftools/issues/13
NOTE: https://github.com/matthiaskramm/swftools/commit/7139f3cf7c8bc576bea1dbd07c58ce1ad92b774a
CVE-2017-8399 (PCRE2 before 2017-03-10 has an out-of-bounds write caused by a ...)
- - pcre2 <undetermined>
+ - pcre2 <not-affected> (Did only affect revision after r670 upstream; not in a released version)
NOTE: Fixed by: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=783
NOTE: https://vcs.pcre.org/pcre2?view=revision&revision=674
- TODO: check, possibly introduced only after r670 in upstream, but possibly only uncovered between r670:672
CVE-2017-8398 (dwarf.c in GNU Binutils 2.28 is vulnerable to an invalid read of size 1 ...)
- binutils <unfixed>
[jessie] - binutils <no-dsa> (Minor issue)
More information about the Secure-testing-commits
mailing list