[Secure-testing-commits] r56918 - data/CVE
Yves-Alexis Perez
corsac at moszumanska.debian.org
Sun Oct 22 15:29:22 UTC 2017
Author: corsac
Date: 2017-10-22 15:29:21 +0000 (Sun, 22 Oct 2017)
New Revision: 56918
Modified:
data/CVE/list
Log:
add bug number for irssi
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-22 15:18:39 UTC (rev 56917)
+++ data/CVE/list 2017-10-22 15:29:21 UTC (rev 56918)
@@ -133,12 +133,12 @@
RESERVED
CVE-2017-15723 [Overlong nicks or targets may result in a NULL pointer dereference while splitting the message]
RESERVED
- - irssi <unfixed>
+ - irssi <unfixed> (bug #879521)
CVE-2017-15722 [In certain cases Irssi may fail to verify that a Safe channel ID is long enough, causing reads beyond the end of the string]
RESERVED
- - irssi <unfixed>
+ - irssi <unfixed> (bug #879521)
CVE-2017-15721 [Certain incorrectly formatted DCC CTCP messages could cause NULL pointer dereference]
- - irssi <unfixed>
+ - irssi <unfixed> (bug #879521)
RESERVED
CVE-2017-15720
RESERVED
@@ -1314,9 +1314,9 @@
RESERVED
CVE-2017-15228 [When installing themes with unterminated colour formatting sequences, Irssi may access data beyond the end of the string]
RESERVED
- - irssi <unfixed>
+ - irssi <unfixed> (bug #879521)
CVE-2017-15227 [While waiting for the channel synchronisation, Irssi may incorrectly fail to remove destroyed channels from the query list, resulting in use after free conditions when updating the state later on.]
- - irssi <unfixed>
+ - irssi <unfixed> (bug #879521)
RESERVED
CVE-2017-15226 (Zyxel NBG6716 V1.00(AAKG.9)C0 devices allow command injection in the ...)
NOT-FOR-US: Zyxel
More information about the Secure-testing-commits
mailing list