[Secure-testing-commits] r51978 - data/CVE

[Emilio Pozuelo Monfort]

Author: pochu
Date: 2017-05-26 16:13:25 +0000 (Fri, 26 May 2017)
New Revision: 51978

Modified:
   data/CVE/list
Log:
CVE-2017-8364/rzip: add link to opensuse package containing a patch

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-05-26 16:09:37 UTC (rev 51977)
+++ data/CVE/list	2017-05-26 16:13:25 UTC (rev 51978)
@@ -2200,6 +2200,7 @@
 	- rzip <unfixed> (bug #861614)
 	[jessie] - rzip <no-dsa> (Minor issue)
 	NOTE: https://blogs.gentoo.org/ago/2017/04/29/rzip-heap-based-buffer-overflow-in-read_buf-stream-c/
+	NOTE: Patch in http://download.opensuse.org/repositories/openSUSE:/Leap:/42.2:/Update/standard/src/rzip-2.1-151.3.1.src.rpm
 CVE-2017-8363 (The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows ...)
 	- libsndfile <unfixed> (bug #862203)
 	NOTE: https://blogs.gentoo.org/ago/2017/04/29/libsndfile-heap-based-buffer-overflow-in-flac_buffer_copy-flac-c/