[Secure-testing-commits] r55471 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Sep 5 16:38:06 UTC 2017


Author: carnil
Date: 2017-09-05 16:38:06 +0000 (Tue, 05 Sep 2017)
New Revision: 55471

Modified:
   data/CVE/list
Log:
Add new file issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-09-05 16:35:03 UTC (rev 55470)
+++ data/CVE/list	2017-09-05 16:38:06 UTC (rev 55471)
@@ -1,3 +1,9 @@
+CVE-2017-1000249 [stack based buffer overflow]
+	- file <unfixed>
+	[jessie] - file <not-affected> (Vulnerable code introduced later)
+	[wheezy] - file <not-affected> (Vulnerable code introduced later)
+	NOTE: Upstream fix: https://github.com/file/file/commit/35c94dc6acc418f1ad7f6241a6680e5327495793
+	NOTE: Introduced by: https://github.com/file/file/commit/9611f31313a93aa036389c5f3b15eea53510d4d1
 CVE-2017-14150
 	RESERVED
 CVE-2017-14149 (GoAhead 3.4.0 through 3.6.5 has a NULL Pointer Dereference in the ...)




More information about the Secure-testing-commits mailing list