[Secure-testing-commits] r55512 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Sep 6 19:10:17 UTC 2017
Author: carnil
Date: 2017-09-06 19:10:17 +0000 (Wed, 06 Sep 2017)
New Revision: 55512
Modified:
data/CVE/list
Log:
Add new libarchive issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-06 17:16:37 UTC (rev 55511)
+++ data/CVE/list 2017-09-06 19:10:17 UTC (rev 55512)
@@ -1,3 +1,8 @@
+CVE-2017-14166 [heap-based buffer overflow in xml_data (archive_read_support_format_xar.c)]
+ - libarchive <unfixed>
+ NOTE: http://www.openwall.com/lists/oss-security/2017/09/06/5
+ NOTE: https://github.com/libarchive/libarchive/commit/fa7438a0ff4033e4741c807394a9af6207940d71
+ NOTE: https://github.com/libarchive/libarchive/issues/935
CVE-2017-14160
RESERVED
CVE-2017-XXXX [bzr+ssh URLs don't strip SSH options]
More information about the Secure-testing-commits
mailing list