[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2014-10071/zsh

Wed Feb 28 21:14:17 UTC 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a2764c55 by Salvatore Bonaccorso at 2018-02-28T22:13:47+01:00
Add CVE-2014-10071/zsh

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -69,7 +69,9 @@ CVE-2014-10072 (In utils.c in zsh before 5.0.6, there is a buffer overflow when 
 	- zsh 5.0.6-1
 	NOTE: https://sourceforge.net/p/zsh/code/ci/3e06aeabd8a9e8384ebaa8b08996cd1f64737210
 CVE-2014-10071 (In exec.c in zsh before 5.0.7, there is a buffer overflow for very long ...)
-	TODO: check
+	- zsh 5.0.7-3
+	NOTE: https://sourceforge.net/p/zsh/code/ci/49a3086bb67575435251c70ee598e2fd406ef055
+	NOTE: Debian needed to add cherry-pick-9982ab6f-missing-changelog-entry
 CVE-2014-10070 (zsh before 5.0.7 allows evaluation of the initial values of integer ...)
 	TODO: check
 CVE-2018-7544



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a2764c5546ada121015edcb6fea23131c82e3f7b

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a2764c5546ada121015edcb6fea23131c82e3f7b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180228/894007a3/attachment.html>
