[Secure-testing-commits] r56144 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Sep 26 05:03:07 UTC 2017
Author: carnil
Date: 2017-09-26 05:03:07 +0000 (Tue, 26 Sep 2017)
New Revision: 56144
Modified:
data/CVE/list
Log:
Add new binutils issue
Older suites marked straight as ignored. This is not fully correct, it
has not been invesgitated if potentially it's not affecting jessie and
might be <not-affected> instead.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-26 04:50:16 UTC (rev 56143)
+++ data/CVE/list 2017-09-26 05:03:07 UTC (rev 56144)
@@ -4,7 +4,13 @@
CVE-2017-14730 (The init script in the Gentoo app-admin/logstash-bin package before ...)
TODO: check
CVE-2017-14729 (The *_get_synthetic_symtab functions in the Binary File Descriptor ...)
- TODO: check
+ - binutils <unfixed>
+ [stretch] - binutils <ignored> (Minor issue)
+ [jessie] - binutils <ignored> (Minor issue)
+ NOTE: https://blogs.gentoo.org/ago/2017/09/25/binutils-heap-based-buffer-overflow-in-_bfd_x86_elf_get_synthetic_symtab-elfxx-x86-c/
+ NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22170
+ NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commitdiff;h=56933f9e3e90eebf1018ed7417d6c1184b91db6b
+ NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commitdiff;h=61e3bf5f83f7e505b6bc51ef65426e5b31e6e360
CVE-2017-14728
RESERVED
CVE-2017-14726 (Before version 4.8.2, WordPress was vulnerable to a cross-site ...)
More information about the Secure-testing-commits
mailing list