[Secure-testing-commits] r55838 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Sep 17 18:24:36 UTC 2017
Author: carnil
Date: 2017-09-17 18:24:36 +0000 (Sun, 17 Sep 2017)
New Revision: 55838
Modified:
data/CVE/list
Log:
CVE-2017-1450{1,2,3}/libarchive assigned
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-17 17:38:35 UTC (rev 55837)
+++ data/CVE/list 2017-09-17 18:24:36 UTC (rev 55838)
@@ -1,3 +1,13 @@
+CVE-2017-14503 [out-of-bounds read in lha_read_data_none()]
+ - libarchive <unfixed> (bug #875960)
+ NOTE: https://github.com/libarchive/libarchive/issues/948
+CVE-2017-14502 [out-of-bounds read in archive_read_format_rar_read_header()]
+ - libarchive <unfixed> (bug #875974)
+ NOTE: https://github.com/libarchive/libarchive/commit/5562545b5562f6d12a4ef991fae158bf4ccf92b6
+ NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=573
+CVE-2017-14501 [out-of-bounds read in archive_read_format_iso9660_read_header()]
+ - libarchive <unfixed> (bug #875966)
+ NOTE: https://github.com/libarchive/libarchive/issues/949
CVE-2017-14500 (Improper Neutralization of Special Elements used in an OS Command in ...)
- newsbeuter <unfixed> (bug #876004)
NOTE: http://openwall.com/lists/oss-security/2017/09/16/1
More information about the Secure-testing-commits
mailing list