[Secure-testing-commits] r56871 - data/CVE
Thorsten Alteholz
alteholz at moszumanska.debian.org
Thu Oct 19 13:58:45 UTC 2017
Author: alteholz
Date: 2017-10-19 13:58:44 +0000 (Thu, 19 Oct 2017)
New Revision: 56871
Modified:
data/CVE/list
Log:
jessie and wheezy are not affected by CVE-2017-15385
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-19 13:28:02 UTC (rev 56870)
+++ data/CVE/list 2017-10-19 13:58:44 UTC (rev 56871)
@@ -563,6 +563,8 @@
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
CVE-2017-15385 (The store_versioninfo_gnu_verdef function in libr/bin/format/elf/elf.c ...)
- radare2 <unfixed>
+ [jessie] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2)
+ [wheezy] - radare2 <not-affected> (Vulnerable code introduced in 0.10.2)
NOTE: https://github.com/radare/radare2/issues/8685
NOTE: https://github.com/radare/radare2/commit/21a6f570ba33fa9f52f1bba87f07acc4e8c178f4
CVE-2017-15384 (rate-me.php in Rate Me 1.0 has XSS via the id field in a rate action. ...)
More information about the Secure-testing-commits
mailing list