[Secure-testing-commits] r56859 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Oct 19 09:24:42 UTC 2017
Author: carnil
Date: 2017-10-19 09:24:42 +0000 (Thu, 19 Oct 2017)
New Revision: 56859
Modified:
data/CVE/list
Log:
Add new libextractor issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-19 09:10:14 UTC (rev 56858)
+++ data/CVE/list 2017-10-19 09:24:42 UTC (rev 56859)
@@ -69,11 +69,15 @@
CVE-2017-15603
RESERVED
CVE-2017-15602 (In GNU Libextractor 1.4, there is an integer signedness error for the ...)
- TODO: check
+ - libextractor <unfixed>
+ NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00005.html
CVE-2017-15601 (In GNU Libextractor 1.4, there is a heap-based buffer overflow in the ...)
- TODO: check
+ - libextractor <unfixed>
+ NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00006.html
CVE-2017-15600 (In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the ...)
- TODO: check
+ - libextractor <unfixed>
+ NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00004.html
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1501695
CVE-2017-15599
RESERVED
CVE-2017-15598
More information about the Secure-testing-commits
mailing list