[Secure-testing-commits] r58005 - data/CVE
Luciano Bello
luciano at moszumanska.debian.org
Fri Nov 24 22:00:52 UTC 2017
Author: luciano
Date: 2017-11-24 22:00:33 +0000 (Fri, 24 Nov 2017)
New Revision: 58005
Modified:
data/CVE/list
Log:
CVE-2017-16879: ncurses
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-24 21:10:14 UTC (rev 58004)
+++ data/CVE/list 2017-11-24 22:00:33 UTC (rev 58005)
@@ -226,7 +226,8 @@
NOTE: https://github.com/Exiv2/exiv2/issues/175
NOTE: Can't seem to reproduce this in wheezy.
CVE-2017-16879 (Stack-based buffer overflow in the _nc_write_entry function in ...)
- TODO: check
+ - ncurses <unfixed>
+ NOTE: PoC https://packetstormsecurity.com/files/download/145045/tic-overflow.tgz
CVE-2017-16878
RESERVED
CVE-2017-16877 (ZEIT Next.js before 2.4.1 has directory traversal under the /_next and ...)
More information about the Secure-testing-commits
mailing list