[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] unzip no-dsa

Wed Feb 7 18:23:49 UTC 2018

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2ce0021d by Moritz Muehlenhoff at 2018-02-07T19:23:29+01:00
unzip no-dsa

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -625,6 +625,8 @@ CVE-2018-1000036
 CVE-2018-1000035 [Heap-based buffer overflow in password protected ZIP archives]
 	RESERVED
 	- unzip <unfixed> (bug #889838)
+	[stretch] - unzip <no-dsa> (Harmless crash, builds with fortified source)
+	[jessie] - unzip <no-dsa> (Harmless crash, builds with fortified source)
 	NOTE: https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html
 CVE-2018-1000034 [Multiple vulnerabilities in the LZMA compression algorithm]
 	RESERVED



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2ce0021d98191ed26cb4bde72148b2afdb31d7a1

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2ce0021d98191ed26cb4bde72148b2afdb31d7a1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180207/b1285821/attachment.html>
