[Secure-testing-commits] r51749 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri May 19 12:33:47 UTC 2017


Author: carnil
Date: 2017-05-19 12:33:47 +0000 (Fri, 19 May 2017)
New Revision: 51749

Modified:
   data/CVE/list
Log:
Add two new dropbear issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-05-19 12:30:32 UTC (rev 51748)
+++ data/CVE/list	2017-05-19 12:33:47 UTC (rev 51749)
@@ -1,3 +1,9 @@
+CVE-2017-XXXX [information disclosure with ~/.ssh/authorized_keys symlink]
+	- dropbear <unfixed>
+	NOTE: Patch: https://secure.ucc.asn.au/hg/dropbear/rev/0d889b068123
+CVE-2017-XXXX [double-free in server TCP listener cleanup]
+	- dropbear <unfixed>
+	NOTE: Patch: https://secure.ucc.asn.au/hg/dropbear/rev/c8114a48837c
 CVE-2017-XXXX [Reset memory for RLE decoder]
 	- imagemagick <unfixed> (bug #862967)
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/1c358ffe0049f768dd49a8a889c1cbf99ac9849b




More information about the Secure-testing-commits mailing list