[Secure-testing-commits] r56936 - data/CVE

Raphael Geissert geissert at moszumanska.debian.org
Tue Oct 24 09:26:33 UTC 2017


Author: geissert
Date: 2017-10-24 09:26:33 +0000 (Tue, 24 Oct 2017)
New Revision: 56936

Modified:
   data/CVE/list
Log:
new curl issue, from external check


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-10-24 09:13:30 UTC (rev 56935)
+++ data/CVE/list	2017-10-24 09:26:33 UTC (rev 56936)
@@ -1849,6 +1849,10 @@
 	- koji <unfixed> (bug #877921)
 	NOTE: https://pagure.io/koji/issue/563
 	NOTE: https://pagure.io/koji/c/ba7b5a3cbed11ade11c3af5e834c9a6de4f6d7c3
+CVE-2017-1000257 [curl: IMAP FETCH response out of bounds read]
+	- curl <unfixed>
+	TODO: check
+	NOTE: https://curl.haxx.se/docs/adv_20171023.html
 CVE-2017-1000256 [LSN-2017-0002: TLS certificate verification disabled for clients]
 	RESERVED
 	{DSA-4003-1}




More information about the Secure-testing-commits mailing list